Wednesday, February 6, 2008

Better is worse than good enough

A very insightful man was interviewed on DarkReading.

In a presentation here yesterday, Tippett -- who is vice president of risk intelligence for Verizon Business, chief scientist at ICSA Labs, and the inventor of the program that became Norton Antivirus -- said that about one third of today's security practices are based on outmoded or outdated concepts that don't apply to today's computing environments.


[...]

Tippett also suggested that many security pros waste time trying to buy or invent defenses that are 100 percent secure. "If a product can be cracked, it's sometimes thrown out and considered useless," he observed. "But automobile seatbelts only prevent fatalities about 50 percent of the time. Are they worthless? Security products don't have to be perfect to be helpful in your defense."


Source: Antivirus Inventor: Security Departments Are Wasting Their Time

This article supports my personal motto very strongly: better is worse than good enough. While I have not fully processed the extent of the points made in the article yet, it sits well with me after a first read.




No comments:

Post a Comment

Please share your view and opinions on what I wrote. In order to maintain quality, all comments will be moderated for merit. Contributions that call me out on statements that appear unfounded, wrong, or simply with which you disagree are highly appreciated and are even encouraged. Spam and 'me too' answers will be ignored.