The security carousel

Thomas R. Temin

Some things never change.

At a seminar last month in Washington, computer security product vendors were asked to identify the biggest obstacles to improving agency security.

The answers were vintage 1990, maybe even 1980: no funding, inadequate technical skills, resistance from users. I've been hearing the same things at conferences for at least a dozen years.

Well, golly, the world is a lot more connected and network-dependent now than even a year ago'let alone a decade ago.

These answers cloak the real reason that bolstering security is tough. It's because computer breaches are like muggings, housebreakings and car crashes. People know they are frequent and widespread, but a single person, house or car statistically has little chance of getting hit. So most people don't carry guns, wire their houses or drive particularly defensively.

Agencies that are favorite targets of hackers tend to be on the alert already. Agencies where intrusions would cause financial damage and not just embarrassment don't talk much about their security programs.

For everyone else, security is more a seminar and conference topic than a worry that keeps anyone up at night. Any network administrator with minimal skills can keep antivirus scanning software up to date.

Nowadays, there's no mystery to achieving security. You can buy security products or assessment and planning services through any number of contracts.

As Saurang Shah, senior product manager for Axent Technologies Inc. of Rockville, Md., said, 'Stop studying it to death, and start implementing and devising a comprehensive security solution.'

Fernando Burbano, chief information officer at the State Department, pointed out that during the impending change in administration, the new president will have a small window of opportunity to make alterations in agency budgets. He said CIOs and other officials should press for a boost in security funds, a la the year 2000 approach.

Perhaps. But if I were a program manager with a big system to worry about, I wouldn't count on pennies from heaven.

Thomas R. Temin

Editorial director

E-mail: editor@gcn.comsuch

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.