Memo To The President   Leave a comment

Not mine, but Bruce’s.  It’s a good read; if you’re interested in cybersecurity issues, I recommend you take a peek, especially if you’re wondering what politicians ought to be doing to improve the condition of the Intertubes.

My favorite paragraph:

Security is both subtle and complex, and — unfortunately — doesn’t readily lend itself to normal legislative processes. You’re used to finding consensus, but security by consensus rarely works. On the internet, security standards are much worse when they’re developed by a consensus body, and much better when someone just does them. This doesn’t always work — a lot of crap security has come from companies that have “just done it” — but nothing but mediocre standards come from consensus bodies. The point is that you won’t get good security without pissing someone off: The information broker industry, the voting machine industry, the telcos. The normal legislative process makes it hard to get security right, which is why I don’t have much optimism about what you can get done.

Hoo, lord, is he right on that score… and this isn’t just about legislative processes.  Security by committee doesn’t work in your IT organization, either.  If you work for a medium-to-large company, you’ve probably seen the results of just this sort of intra-organizational political dogfight.


Posted August 12, 2008 by padraic2112 in politics, security

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: