Understanding Risk or the Bombastic Prose and Soapbox Oratory of a 25-Year Veteran of the Computer Security Wars

• Published in: Information systems security Vol. 10; no. 6; pp. 14 - 17
• Main Author: (Dan) Erwin, D. G.
• Format: Journal Article
• Language: English
• Published: Taylor & Francis Group 01.01.2002
• ISSN: 1065-898X; 1934-869X
• DOI: 10.1201/1086/43318.10.6.20020123/32818.4

Over an extremely short period of our history, computer systems and the Internet have become a critical element in our social and economic infrastructure. Most would agree that information systems and, dare I say, information security, have evolved into the most critical elements of our economic infrastructure. Security has been charged with a simple task: to plan, implement, and manage an integrated, heterogeneous security environment across hardware, operating systems, middleware, network protocols, applications, and databases. There is just one small problem. Security technology is relatively immature. Security tools are weak or lacking. The tools that are available are product based - not enterprisewide, which leads to many uncommon and unworkable solutions.