Security Management Strategies for the CIOAccess "Face-Off: Schneier, Ranum debate security regulations"
This article is part of the November 2006 issue of Symantec 2.0: Evaluating their recent acquisitions
Bruce Schneier Point Regulation is about economics. Here's the theory: In a capitalist system, companies make decisions based on self-interest. This is good; we don't want companies acting as public charities, we want them acting as for-profit entities. But, there are effects of company decisions not borne by companies—these are "externalities." Companies don't always take externalities into account because, well, they're someone else's problem. If we want externalities to factor into company decisions, we have to make externalities internal. Then, the natural engine of capitalism will take over. An easy example: A company pollutes a river, and people downstream die. No one in the company lives downstream, no customer lives downstream, so the company doesn't care. It's a classic externality. If society wants the company not to pollute the river, it has to remove the externality. Liabilities (allowing the people who live downstream to sue) and regulations (making it illegal to pollute the river) do that. A rational company will spend more money so as not to ... Access >>>
Access TechTarget
Premium Content for Free.
What's Inside
Features
-
-
New business opportunities feed appetite for managed VPN services
Neil Roiter explores secure remote access possibilities.
- Viewpoint: Three cheers for free and open source software
- Events: Information security conferences for November 2006
-
SPI Dynamics' WebInspect 6.1 Product Review
Defend against Web application attacks and improve security. Learn about SPI Dynamics' WebInspect 6.1 product installation, configuration and reporting.
-
Security information management review: Network Intelligence's enVision
A review of SIM product: Network Intelligence's enVision
-
Recent Releases: Security product briefs, November 2006
Read about security products released in November 2006.
-
Auditing/Compliance
Consul Risk Management's InSight Suite v7
-
Business Survival 101: How to Perform a Business Impact Analysis
by Ed Moyle, Contributor
A business impact analysis can be a manual that helps your company weather disasters.
-
Symantec 2.0
by Dennis Fisher
John Thompson and Symantec are staking their claim as one of Silicon Valley's leading innovators. Will they succeed?
-
New business opportunities feed appetite for managed VPN services
-
-
Intrusion Detection: Arbor Networks' Peakflow X 3.6
Arbor Networks' Peakflow X 3.6
-
Digital Rights Management: SealedMedia's Enterprise DRM 5.0
SealedMedia's Enterprise Digital Rights Management 5.0
-
More Than Meets the Eye
You may think you're guarding your assets, but malicious insiders are using steganography to slip closely guarded company secrets out of your organization.
-
Voltage SecureMail Desktop product review
Product review of Voltage Security SecureMail Desktop email encryption security tool pricing, cost, setup, configuration and password policy features.
-
Symantec unveils Security 2.0 initiative
by Bill Brenner, Senior News Writer
As part of Security 2.0, Symantec unveiled new products and partnerships with VeriSign and Accenture to help customers secure their databases, manage risk and fight ID theft.
-
Security Service Provider Product Review: MessageLabs, Postini
Get the latest news on managed security service providers MessageLabs and Postini products. Pricing information, URL filtering, malware protection and other features are discussed.
-
Secure Reads: The Security Risk Assessment Handbook
Read a quick review of The Security Risk Assessment Handbook.
-
Optical network security: Inside a fiber-optic hack
Fiber-optic networks aren't hack-proof: A savvy attacker can crack them with ease.
-
Intrusion Detection: Arbor Networks' Peakflow X 3.6
-
Columns
-
Editor's Desk: The ultimate insider threat
Walk the Line
-
Perspectives: Pandemic planning for remote access
Shared infrastructure, such as power and water, must be operating, otherwise, enterprise business continuity plans in the event of a pandemic are useless.
-
Ping: Avi Rubin
Avi Rubin
-
Face-Off: Schneier, Ranum debate security regulations
Do federal security regulations help?
-
Editor's Desk: The ultimate insider threat
More Premium Content Accessible For Free
Next-generation firewalls play by new rules
E-Zine
Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...
Developing your endpoint security management transition plan
E-Handbook
This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...
Unlock new pathways to network security architecture
E-Zine
Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...