News in the Category "Type"
Page 88 of 96
Management Week Security Book Review: Book Lowers Fear of Threats
Bruce Schneier’s latest book on data security offers a logical and realistic approach to creating policies and educating staff.
Security guru Bruce Schneier has written several books but is best known for his first: Applied Cryptography. One problem with this earlier work is that it demands a high level of mathematical understanding.
His latest book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World, is designed to help ordinary IT staff, business managers and end-users get to grips with current security issues.
The guide could prove useful for IT managers wanting to convey the importance of information security for the wider business, for example when negotiating budgets or attempting to get projects signed off…
The Visionaries: IT Leaders Make Predictions about the Future
Excerpt
Q: Will computers be more or less secure in 2028 than they are today?
A: Computers will be just as insecure, but computing will be more secure. Right now our major problem is that computer security is brittle; when it breaks, it breaks completely. As computing becomes embedded and invisible, it will become more resilient. Different systems will work in tandem, providing defense in depth. Cyberspace is no different than the real world: The individual pieces may be insecure, but the collection of pieces we call society hums along just fine…
"Bankernas kunder utan säkerhet"
Först skrev han “Applied Cryptography” som snabbt blev standardverket om kryptering. Sedan började han tvivla på att kryptering var nyckeln till datasäkerhet.
Datasäkerhet, säger Bruce Schneier, står och faller med mänskligt omdöme. I stället för att jaga efter nya krypteringsmetoder bör vi komma ihåg gamla sanningar som att ingen kedja är starkare än sin svagaste länk. Här svarar Bruce Schneier på Computer Swedens frågor om IT-säkerhet.
Vad brukar företag och myndigheter bortse från när det gäller IT-säkerhet?
– Människorna. De utgår från att säkerhet är ett tekniskt problem och tar till tekniska lösningar. Säkerhet är i själva verket ett socialt problem och det som behövs är sociala lösningar…
The Best: People
Excerpt
Like or loathe him, you’ve got to admit that cryptographer Bruce Schneier knows how to capture media attention. From titillating talks to shamelessly promote his books (including the best-selling Secret & Lies and the recently released Beyond Fear), to outrageous remarks on the speaker circuit, Schneier frequently grabs the spotlight with outspoken opinion and candor.
For example: “Most advisories trade on fear. Most newspaper and magazine articles trade on fear,” Schneier said in a recent Information Security interview. “Too many security companies are crying wolf far too often, and it hurts us all.” Not exactly a measured comment, considering his company, Counterpane Internet Security, is one of those companies vying for attention…
Review: Beyond Fear
Having been a long time reader of the Crypto-Gram column, and well aware of Schneier’s knowledge and expertise in the information security field, it was with some eagerness that I received a copy of his latest book, Beyond Fear. Needless to say, I was not let down by this entertaining and insightful tome.
Schneier provides an interesting view of the notion of security, outlining a simple five-step process that can be applied to deliver effective and sensible security decisions. These steps are addressed in detail throughout the book, and applied to various scenarios to show how simple, yet effective they can be…
Improved Security Requires IT Diversity
In his recently released book, Beyond Fear: Thinking Sensibly About Security in an Uncertain World (Copernicus Books, 2003), security guru Bruce Schneier argues for a more common-sense and less technology-centric approach to both IT security and physical security. In this interview with Computerworld, Schneier shares his views on IT security.
You recently co-wrote the report “CyberInsecurity: The Cost of Monopoly. How the Dominance of Microsoft’s Products Poses a Risk to Security.” Would you have written it if the world had been standardized around another operating system? …
REVIEW: Practical Cryptography, Bruce Schneier/Niels Ferguson
The preface points out that cryptography has done more harm than good in terms of securing information systems, not because cryptography fails in and of itself, but, rather, due to the improper use or implementation of the technology. This book is intended to provide concrete advice to those designing and implementing cryptographic systems. As such, it is not the usual introduction to cryptography, and is aimed at a fairly limited group.
Chapter one asserts that we should be engineering for security, rather than speed or bells and whistles. Security is only as strong as the weakest link, we are told in chapter two, and (following from the idea of defence in depth) we need to have engineering in depth (and probably breadth, as well). The issues are important, but there is some lack of clarity to the organization and flow of the text and arguments: the reader may start to wonder what the essence of the message is. (I see that I should have trademarked “professional paranoia” when I started using it years ago, but it is nice to note that the point is being taken.) Chapter three is a rather unusual “Introduction to Cryptography” (and the mathematical format of the text doesn’t make it easier for the math-phobic to concentrate on the meaning), but focussing on the applications and problems, the cryptanalytic attacks, and repeating the injunctions against complexity and the sacrifice of security for performance is a reasonable position…
A Tax on the Honest
HOW useful are ID checks in large office buildings? Is it safe to use a credit card online? Can face-scanning systems make airports safer? Not very, yes, and no, says Bruce Schneier in “Beyond Fear”, the latest of several books on security to have appeared since September 11th 2001.
Mr. Schneier, however, comes at these questions from an unusual and informative perspective. He is one of the world’s leading experts on computer security, and arguably the most articulate. For years, he has explained the ins and outs of his field by drawing analogies with real-world security. In his new book, he turns this approach on its head, using his analytical skills, honed in the field of computer security, to evaluate the other security measures that are now so common…
Risky Business?—Examining the Difference Between Safety and Security
In Beyond Fear, security consultant Bruce Schneier undertakes to teach the reader “to think about security.” That focus is the book’s strength and its limitation.
First, the limitation. The book refers to crimes, accidents and attacks, many of which would be fascinating to know about. But this book is not about any of those prospective events. It has a more practical purpose.
Thinking about security will be particularly valuable for anyone who has to make a decision about that—a business owner, perhaps, or a policymaker. Schneier lays out a set of questions to ask about any system: What is it trying to protect? From what? What good will it do? What problems will it create?…
Beyond Fear: Thinking Sensibly About Security in an Uncertain World
A “professional thinker about security” and author of Applied Cryptography (1994), said to have sold >200,000 copies, applies the methods developed for computer security to broader security issues, especially security against terrorism. “Security issues affect us more and more in our daily lives, and we should all make an effort to understand them better. We need to stop accepting uncritically what politicians and pundits are telling us. We need to move beyond fear and start making sensible security trade-offs.” Everyone makes security trade-offs, every day. We live our lives making judgments, assessments, assumptions, and choices about security (e.g., when we lock the door to our home, we make a security trade-off: the inconvenience of using a key in exchange for some security against burglary). Making security trade-offs isn’t some mystical art: “the goal of this book is to demystify security, to help you move beyond fear.” To get beyond fear, you have to start thinking intelligently about trade-offs, the risks you face, and the options for dealing with those risks. A lot of lousy security is available for purchase, and a lot of lousy security is imposed on us by government. Once we move beyond fear, we can recognize bad or overpriced security…
Sidebar photo of Bruce Schneier by Joe MacInnis.