Does the security industry need to exist?

There is no greater act of intellectual heresy than to turn up to a computer show while questioning the need for that show even to exist, not to mention everything being promoted at it, but that is apparently what Bruce Schneier did at last week’s Infosecurity Europe show.

Do we need a security industry at all? Not really. So why do we have one? Because the IT industry is accidentally-deliberately wedded to poor security, and uses this fact to gently extort money from people to compensate for bad programming, and bad thinking.

"We shouldn't have to come and find a company to secure our e-mail. E-mail should already be secure. We shouldn't have to buy from somebody to secure our network or servers. Our networks and servers should already be secure," he told a delighted Silicon.com journalist, no doubt perspiring from the lack of anything else even vaguely controversial to write about.

He’s been saying this for some time, and we’ve been saying we disagree with his solution to the problem of making software companies liable for bad code.

But in any case, the problem of security is not simply that it exists to solve the laziness and sloppiness of an entire industry (however apt that might be as a moral analysis) but that there are simply too many security “solutions” chasing too few fundamental problems, a disproportionate number of which afflict only a small part of IT, the client computer.

Security will always be necessary in the real world, but working out which bits present the best security is immensely difficult. There are too many technologies and designs that do similar things, all chasing the same confused customers. As time passes, the number of designs increases, and this tempts people to solve problems they don’t have, or over-engineer protection they probably won’t use. And e-crime continues to rise because, in any case, the biggest security problem – the one no amount of security will ever solve – is the human one.

Computers, like guns, don’t kill people, but they sure make it a hell of a lot easier to try.

Tags: techworld

Subscribe to this blog

Sphere: Related Content

Contact Us

For editorial queries:
Max Cooter max@techworld.com

For website issues:
Email webmaster@techworld.com

For commercial queries
Russell Kearney russell_kearney@idg.co.uk

You must be logged in to post a comment.

Techworld White Papers

Integrating SharePoint with Lotus Notes

Solving interoperability challenges by migrating away from Lotus Notes and Domino® to an all-Microsoft infrastructure is a costly proposition. Find out how to deliver access to all collaboration and messaging resources through a single interface, without the high costs or risks of a migration.

Download Whitepaper

A guide to messaging archiving: Reduce costs, retain memory and ensure you are legally compliant

This white paper discusses the several reasons to implement a messaging archiving system and provide an overview of ten vendors whose offerings are focused squarely on the archiving space.

Download Whitepaper

Effective security with a continuous approach to ISO 27001 Compliance

Learn more about how you can improve security and comply with ISO 27001 by downloading this whitepaper.

Download Whitepaper

Understanding ITIL service portfolio management

This paper examines the various components of the service portfolio, such as the service catalogue. In addition, it discusses technologies available to develop and manage the service portfolio and to leverage the information contained in the catalogue.

Download Whitepaper

Resource Centre

Oracle Database

Oracle Enterprise 2.0

Techworld UK - Technology - Business

Integrating SharePoint with Lotus Notes

Read this whitepaper and learn how to promote collaboration cost-effectively by integrating SharePoint with your existing Lotus messaging platform. The benefits and capabilities of software coexistence are presented, along with the risks and expenses of a migration.

Download white paper

Seven Ways ITIL Can Help You in an Economic Downturn

Learn more about how ITIL can help your business weather the economic storm, and how it can leave you better positioned for growth when the economy begins to rebound.

Download white paper

Delivering Value to Your Business with Next Generation Remote Support Solutions

With the ever increasing mobility of today’s workforce, today's CIO needs to ensure their IT departments deliver cost effective solutions that increase helpdesk productivity, maximise user satisfaction and add real value to their business. View this webcast to discover how next generation remote solutions can help achieve these benefits.