"We have the same problem with Internet security. The old paradigm is ever stronger forts around organizations. When it becomes obvious there is no defendable organizational perimeter, security pundits often stick to the old paradigm, recommending building forts around every computer."

Yup. In a network you do not protect the nodes individually; you must protect them as a group, an interconnected system. Don't look at the nodes, look at how they are connected -- the pattern of links they are embedded in. Like I say, "It's the connections, stupid!"


I agree completely, Valdis.

Sometimes stories do get the point across. One I tell frequently is about the Ancient Anasazi, found in Perilocity in two parts:

Cliff Forts vs. Coordinated Mesas

Fear Is Not Security

Those who are willing to listen and think about it usually get it.

Of course, those who most need to get it, i.e., the busy CEOs, CFOs, and CIOs, are the ones least likely to sit still for an extended metaphor.

The Anasazi story is also in my book, Risk Management Solutions.


