Remember in geometry class when you were asked to imagine a single point in space with zero width? That's a "point" a zero dimensional object. Then, they asked you to imagine two such impossible constructs and the series of such zero dimensional objects which lie between (how can something be "between" two objects which have no width?) the two and extensions without curve into infinity on either side, this is - geometrically speaking a line, a mythical two dimensional object having only length (typically infinite length) but no width.
Why rant about impossible constructs that we use to define the world around us, build bridges, shoot laser beams at highly reflective Russian moon landers (http://en.wikipedia.org/wiki/Lunokhod_1) and generally differentiate ourselves from really smart chickens? Because I want to make a distinction between useful imaginary constructs like geometric lines and really damaging ones like "secure um, anything."
The word "secure" is by it's nature an absolute term. To back away from that you need to add modifiers like "somewhat" or (and I've heard and/or used this one) suffixes like -ish. Like an actual two dimensional object, secure doesn't actually exist except in theory. Unlike lines, there is really no useful context in which we describe things as secure or not.
Why even have this discussion? Because I encounter people every day, who are supposedly savvy in the ways of protecting electronic assets but use language like "secure infrastructure" and "secure database" when they should be talking about levels of protection. In truth, there's a sliding scale of how protected (how secure - see you can use it with qualifiers...) things are; from my fairly well protected Timex Sinclair in the corner of my office running my lava lamp (no network connection, and I don't type on it - but an EMP could probably corrupt data and ruin the current rendering of the Experience Music Project in lava) to the City of Bellevue 911 system (http://www.schneier.com/essay-002.html) at the other end of the spectrum. All discussions of risk regarding systems and networks should really be done in this context, or lay people (and geometry teachers) will assume that you mean what you say when you use the unqualified word "secure."
While we're at it, there's also no absolute standard for what is "secure enough." Our ultimate goal in most commercial applications of information assurance should be to make things as secure as the organization needs it to be. In other words, to match the level of accepted (or residual) risk to the level of risk that management deems appropriate. I can hear the howling already "What the heck does MANAGEMENT know about appropriate levels of risk? Those guys are complaining about how antivirus is slowing down their $2000 ultra-thin laptops!" To which I say, understanding and accepting all kinds of organizational risk is a large part of their job. In fact, it's what really defines the role of the highest levels of management beyond being just a high level administrative wonk but if your management doesn't understand cyber risk, you haven't done your job.
Mind you, I'm not saying that it was ever really even possible to DO your job, I'm just saying that a HUGE part of the job is explaining risk to the point where the highest levels of management truly understand it and can make good decisions, and apparently that didn't happen. It may be that your management, for whatever reason is incapable of understanding cyber risk (I'll follow with a rant about what is or is not being taught in business schools some other time.) In that case, it may be completely impossible to convey risk and be understood --- but it still means you haven't done that part of your job. I liken this to sending a carpenter to a job site without any hammers. At the end of what would be a very frustrating day trying to build a wall hammering with rocks and other found materials, there's no new dining room wall. Sure, there was no way to build one without a hammer, but in the end the job still isn't done.
So, let's leave the theoretical ideals safely back in geometry class (unless you want to talk about separable completely metrizable topological spaces - which are totally useful in understanding some kinds of data) and talk about the universe we actually interact with where lines have width (on paper), secure doesn't exist, risk is acknowledged to be a relative measure and we don't eliminate parts of our job because they are really hard, or even impossible.
No comments:
Post a Comment