Craig Mundie, Microsoft Senior VP for Advanced Strategies and Policies recently addressed the what he sees as the major problem facing his company. Attempting to plug the many holes in older versions of the their software products, which he estimated at 30 to 40 times larger than the installed base of current versions. In Wired News, Mr. Mundie is quoted as stating “We’re going to tell people that even if it means we’re going to break some of your apps, we’re going to make these things more secure. You’re just going to have to go back and fix it. We’re all going to have to collectively spend more, both in the development and maintenance of these machines, if we are going to be more secure.” Seems the ball remains firmly in the user’s court.

Joshua Green addresses the current hype around cyber threats in the Washington Monthly article “The Myth of Cyberterrorism. Mr. Green argues that the level of concern with regard to cyberterrorism is articificially elevated — “stoking fears of cyberterrorism helps maintain the level of public anxiety about terrorism generally, which in turn makes it easier for the administration to pass its agenda.” He quotes Dorothy Denning, a computer science professor at Georgetown University and cybersecurity expert to support this point — “Not only does [cyberterrorism] not rank alongside chemical, biological, or nuclear weapons, but it is not anywhere near as serious as other potential physical threats like car bombs or suicide bombers.”

They teach in academies far to many things, and far too much that is useless. (Goethe)
The liberally educated person is one who is able to resist the easy and preferred answers, not because he is obstinate but because he knows others worthy of consideration. (Allan Bloom)

Conservative columnist William Safire warns of threats to privacy in You Are A Suspect. His concern is the DARPA “Total Information Awareness” program run by John Poindexter, whose goal is to create what the Defense Department describes as “a virtual, centralized grand database.” Safire writes “[Poindexter] is determined to break down the wall between commercial snooping and secret government intrusion. The disgraced admiral dismisses such necessary differentiation as bureaucratic “stovepiping.” And he has been given a $200 million budget to create computer dossiers on 300 million Americans.”

A survey of 279 IT executives surveyed by CIO magazine concludes: 1.) Those that have invested in IT security staff get more return on their investment; 2.) IT executives are struggling to get their arms around the costs of security breaches; and 3.) Companies are allocating 7% to 8% of total IT budget to security and the majority of respondents think they need to spend more on security, particularly on technology, user education and dedicated security staff. View survey results.