Augusto Barros

That's great, Gunnar, but I see this as somewhat incompatible with the "let's reengineer everything" position you also take in some of your posts (such as http://1raindrop.typepad.com/1_raindrop/2010/01/what-infosec-should-learn-from-apt.html).

Not being overly critical or cynical about it, I'd just like to hear your perspective about how to balance between these two different perspectives (quick and dirty [and cheap] vs. let's rebuild everything from scratch).


@Augusto - What we are trying to do with this paper is to enumerate some proven ways to make forward progress on security without having huge exec support, budgets, etc., so it's evolutionary, not revolutionary. Lots of people are not in a position to make major changes to the overall system, but can still cost-effectively make major security improvements.

