What is “security”?
The first problem of security lies with its definition.
According to Webster's;
Freedom from risk or danger; safety.
Freedom from doubt, anxiety, or fear; confidence.
Something that gives or assures safety
Measures taken by a military unit, activity, or installation to protect itself against all acts designed to, or which may, impair its effectiveness.
A condition that results from the establishment and maintenance of protective measures that ensure a state of inviolability from hostile acts or influences.
With respect to classified matter, the condition that prevents unauthorized persons from having access to official information that is safeguarded in the interests of national security.
Taken from http://www.answers.com/security
So, in the civilian sense, security from malicious intent is perceived as something to be achieved. Yet, in the military scope, it consists of actions that provide for degrees of protection from harm.
From my personal experience, I feel that the most commonly accepted corporate definition of security is something that can be bought; a commodity. In practice, this thinking takes us back to the medieval days of the walled city; protecting the perimeter; keeping the barbarians outside the gate.
History tells us two things about this fallacy in thinking;
Concentrating on making the exterior impervious to attack, weakens the interior
The barbarians will always find a way to get inside
So, remember this;
security is a continuing battle against malicious intent
people are the key to surviving the battle, not technology
Copyright © 2005 Mark Stingley