QOTD - Geer on Evolution

The central tenet of the theory of evolution is that the changes which determine fitness are responses to threats imposed on the organism from the outside, that survival pressure forces change, but that only some changes aid survival. The threats are threats because they are new; technically, the appearance of a new survival threat is known as a punctuated equilibrium. All of us in the security field owe our jobs to one of these equilibrium punctuations: the sudden exposure of all computers to widely interconnected networks (the near simultaneous arrival of the first browser and the first network stack in Windows).
[...]
The equilibrium punctuation, the paradigm shift that is already here, is that data is now king. Yes, Moore’s Law still holds – every eighteen months a dollar buys twice what it did before – but a dollar buys twice as much storage about every twelve months and back in the lab they are doubling bandwidth about every nine. Every decade, that is two orders of magnitude for computing, three for storage, and four for bandwidth. The future of computing is, thus, all about data in motion. Data’s value and risk overtook the value and risk of networks and infrastructure; data punctuated the equilibrium of security management. To retain the former paradigm is to fail to evolve, and failing to evolve is a dead end. -- Dan Geer, Chief Scientist Emeritus at Verdasys
Please, go read the whole article, it is well worth it!

Note: emphasis is mine.

Src: The Enterprise Information Protection Paradigm | TMCNet.com

No comments: