Total security is just an illusion

What does the parent of a perfect teenager have in common with a CIO who has a perfectly secure data center? They're both delusional. "No [company] is ever 100% secure," said Jack Phillips, managing partner of The Institute for Applied Network Security in Boston. Phillips spoke to some 200 IT executives at the CIO Decisions Conference 2006 held last week in Carlsbad, Calif. "You cannot eliminate risk altogether."

Just like a parent in denial, a CIO sometimes has to learn the hard way, with news delivered in the middle of the night.

"People are a little more confident than they should be," Phillips said. "They think they're secure until something happens. There's an illusion of security."

When it comes to security, the first thing CIOs have to learn is that no security policy and system can be perfect. However, it is possible to sleep at night knowing your system is "good enough," Phillips said. Total security is just an illusion

Linked by shanmuga Wednesday, 21st June 2006 1:06AM