Talks: 2004 Archives
The last of the protection-detection-response triad to get any real attention, incident response is big business these days. In this talk, Bruce Schneier steps back and looks at the economic and psychological forces that affect incident response as both a business and a technical activity. Nothing seems to be able to keep sufficiently skilled and motivated attackers out of a network. Can incident response save the day?
Since 9/11, we have the Patriot Act, tighter screening at airports, a proposed national ID card system, a color-coded national alert system, irradiated mail, and a Department of Homeland Security. But do all of these things really make us any less vulnerable to another terrorist attack? Security expert Bruce Schneier evaluates the systems that we have in place post-9/11, revealing which of them actually work and which ones are simply "security theater." Learn why most security measures don't work and never will, why bad security is worse than none at all, and why strong security means learning how to fail well. Most of all, learn how you can take charge of your own security - personal, family, corporate, and national.
Sidebar photo of Bruce Schneier by Joe MacInnis.
Schneier on Security is a personal website. Opinions expressed are not necessarily those of IBM Resilient.