Security Through Elbow Grease
One of the reasons infosecurity is so hard is that you have to know not only what to do--what products to deploy, what policies to implement, what compromises to make--but what not to do. This situation is made even more difficult because security is a moving target.
The problem isn't a lack of good security solutions. The problem is that there are too many good solutions. You're holding the proof in your hands: Information Security's 2003 Buyers' Guide.
There are nearly 1,900 IT security products and services listed in this guide, 65 percent more than last year. There's a lot of cool stuff here, but some of these products are unnecessary or just downright silly. Many solve a small problem but do little to address the big picture.
Compounding the problem are the security "experts," who never agree on where to begin. For every study that says insiders are the biggest security problem, there's another that insists that external exploits are where you should focus your attention. For every vendor who says, "Oh, you must first implement stronger controls at the perimeter," there's another who insists, "Focus on the host."
[ Read more ]