We have been thinking about information security for thousands
of years. But as the world continues to evolve, Information Security
must evolve to keep up with it.
Information security is a complex system, made up of hardware,
software, and wetware. Hardware primarily includes the computer systems
that we use to support our environments. Software includes all of the
code, databases, and applications that we use to secure the data.
Wetware includes policy, procedure, training, and other aspects that
rely on people. Information Security is part science, part art, and to
some I am sure it seems like part mysticism. But it is not new.
We have been thinking about information security for literally
thousands of years. Yes, thousands of years ago we did not have
computers, but we had other mechanisms. Back many moons ago, when
mankind was just learning to walk upright, Cronk wanted to keep a secret
so he hit Zonk on the head with a rock, and information security was
born.
Eunuchs were assigned to protect harems because they were, well,
eunuchs. In a similar fashion, many early messengers could not read to
make it harder for them to copy the message they were delivering. Some
had their tongues removed so that they could not speak of their message,
just deliver it. Scrolls were sealed in wax or lead seals so that the
recipient would know if the scroll or package were opened. If you read
Dan Brown’s The DaVinci Code, or saw the movie, you may have seen the
cryptex, a sealed tube with a combination that could expose an included
parchment to acid if it were forced open, destroying the contents. Yes,
they were real.
The world has evolved since Zonk and Cronk, as has, thankfully,
information security. Regardless of the exact mechanism used, the goals
have always been the same – protect the information. We like to think
that we keep evolving. That is one of the secrets to a long lifespan of a
species – the ability to evolve. The birth of the Internet brought huge
changes in the way people consume data, and along with it a giant
evolution in the world of information security. We had computers in the
1940s, but was there any such thing as a computer virus then?
But these are mostly Confidentiality issues. We cannot forget about
the other two parts of the basic security triumvirate, Availability and
Integrity. I once worked for a government agency which had an 11 second
unplanned outage one Sunday morning. Two and a half years later it was
still called “Black Sunday”. I also worked with a large retailer who
determined that a prolonged outage of their web retail site could cost
them $176,000 per minute in lost sales. I am sure the Southeast Asian
villagers who were promised six tons of rice were more than slightly
dismayed when the “r” was dropped during communication and the trucks
pulled up with six tons of ice. And I am sure that when Greg got 2 mg of
morphine instead of .2 mg that it really did matter. So, yes all of
these things are important elements in the complex system that makes up
Information Security.
Yet, the world continues to evolve. Go to SecurityWeek.com to read the full evolution of information security.
world of internet security, latest cyber security news,information,updates on technology,it job vacancies,internet security,breaches,and safeguards
0 comments:
Post a Comment