Wednesday, May 02, 2007

Good things, when short, are twice as good.

If you know anything about information security, claim to, or even have a passing interest, then this 3-page PDF document will reinforce, refresh, and concisely explain the issues we face.

"The Committee on Homeland Security's Subcommittee on Emerging
Threats, Cybersecurity, and Science and Technology will hold a
hearing entitled "Addressing the Nation's Cybersecurity Challenges:
Reducing Vulnerabilities Requires Strategic Investment and Immediate
Action." Witnesses include Dr. Daniel E. Geer, Jr., Principal, Geer
Risk Services, LLC; ........."
....

Dan's testimony is here:

http://geer.tinho.net/geer.housetestimony.070423.PDF

It covers security metrics, expertise supply, increasing risk due to intelligent attacks, information sharing (my personal favourite), and accountability as opposed to access control.

Note: You may also be interested in some of Dan's other publications:
1. "Data Loss Prevention" [http://www.verdasys.com/pdf/dlp_whitepaper.pdf]
2. "Securing the Point of Use" [http://www.verdasys.com/pdf/SecurePOS.pdf]
3. "Convergence" [http://geer.tinho.net/ieee.geer.0606.pdf] of physical and digital security.
4. "The Evolution of Security" [http://geer.tinho.net/acm.geer.0704.pdf]
