Briefly Noted: Perfection Still Leaks
Bruce Schneier, author of Applied Cryptography, reportedly shelved the unfinished manuscript for his latest book, Secrets and Lies ($29.99, Wiley), because it was too depressing. He let it sit for two years, derailed by the fact that, for all he knew about threats to security in the digital age, he could offer no truly effective solutions. Cryptography, he discovered, was not the answer. As he put it, “Mathematics is perfect; reality is subjective. Mathematics is defined; computers are ornery. Mathematics is logical; people are erratic, capricious, and barely comprehensible.”
Although readers may not sympathize entirely with this ivy-covered revelation, they will welcome the practical work that is the product of Schneier’s epiphany. Secrets takes a hopeful approach to the inevitable. Yes, cyberattacks will continue and businesses will lose money. But we can minimize damage by turning away from prevention and toward detection and reaction. Successful security is about risk management, about compartmentalizing networks, shoring up the weakest links, and setting defenses in layers. Secrets is a comprehensive, well-written work on a topic few business leaders can afford to neglect.