| An Uphill Battle Bloatware is increasingly complex, obscure, buggy, and exploitable. Virulent strains of malicious code are said to cause billions of dollars in damage. Miss a single critical patch, and they’ll eventually get you … and not all the bad guys are on the outside. Hopeful Signs Less appetite for risk translates to greater management support. Cryptography, virus protection, and firewalls are almost commodities, and the cost to repair the inevitable damage is decreasing. Increased vigilance means faster recognition of problems and less implausible denial. | "After 9/11, managers seem willing to accept arguments for increased security with little concern about the freedom and privacy they might be giving up, both in the world and in the microcosm of the enterprise." -- Mark Seiden, Guest Editor Opening Statement On Bricks and Walls: Why Building Secure Software Is Hard Assessing the Risk of COTS Usage in Survivable Systems If You Are Paying for Information Security Technology, You Have Paid Too Much Thinking Inside the Box: The Importance of Real-Time Log Monitoring for Network Security Viruses, Worms, and Zombies and What to Do About Them Toward Technology for Data Protection Selling a Better Security Program to Management | |
| Next Issue Business-to-Business Collaboration: How Critical Is It for Business Survival? Guest Editor: Stowe Boyd No man is an island, and an increasing number of companies are realizing that they can’t be either. Over the past two years, many organizations have begun to build on their supply chain integration efforts to create collaborative structures that engage business partners, suppliers, customers, and even competitors. Data, skill sets, and processes that were once closely guarded are coming to be shared by these collaborative communities in order to optimize supply chain operations, speed product development, and lower costs. But while its advocates argue that collaboration is the only path to managing complex, interrelated industries, naysayers counter that the payoff doesn’t justify the investments needed in complex, n-tier extended enterprises. Join us next month as we debate the challenges and opportunities presented by B2B collaboration. | ||
People who think about information security are used to finding fault, delivering the bad news, and using sales techniques usually associated with the insurance industry to sell the next phase of the security program. But now everyone is forced to start thinking the unthinkable. These days people seem willing to accept arguments for increased security with little concern for the freedom and privacy they might be giving up for it, both in the world at large and in the microcosm of their enterprise. In the May 2002 issue of Cutter IT Journal, we debate the limits of what is practical, appropriate, and effective in information security. How much security is "enough"? How can you sell better security programs to management? What role should security have in the design, architecture, and engineering process? Join us next month as we discuss how -- and whether -- we can increase the safety of computing in a dangerous world.
