GMO's Chief strategist Jeremy Grantham wrote a piece "A Powerful Warning Ignored" revisiting Dwight Eisenhower's famous military-industrial complex speech on January 17, 1961.
The report ends with data - "We have reviewed the last 50 years and compared 1960 with 2010 in every way we considered interesting, and present the results in Table 1"
The full report and data table is quite interesting, I won't try to summarize it here, but this passage struck home as it relates to infosec
This brings us to the most famous part of Ike’s speech: “In the councils of government, we must guard against the acquisition of unwarranted infl uence, whether sought or unsought, by the military-industrial complex. The potential for the disastrous rise of misplaced power exists and will persist. We must never let the weight of this combination endanger our liberties or democratic processes. We should take nothing for granted. Only an alert and knowledgeable citizenry… [can produce a system in which] security and liberty may prosper together.” To give this emphasis, Ike had already said elsewhere, “God help the Nation when it has a President who does not know as much about the military as I do.” That, of course, is a hurdle set so high that no later President has jumped over it. But luck plays a major role in the life of even the largest countries, and the unexpected collapse of the Soviet Union and its European satellites created a previously unimaginable world where military spending could be reduced and with it the suffocating political power of the “military-industrial complex.” Given the extent of the opportunity, we can admire the ability of the military and its friends in the armament business to hold onto resources that dwarf those of other countries: military spending in the U.S. still exceeds the absolute spending of the next 15 countries and is more than 70% of the rest of the world added together, as if we are preparing to repel the Martians! And still the struggle to limit military expenditures goes on. Recently I was lucky to hear a discussion on N.P.R. in which Barney Frank and Ron Paul (as wide a range of political beliefs as could be easily imagined) agreed on almost everything regarding the need to reduce military spending, particularly that part that still seems, in their opinion, to relate to the threat of a major tank invasion of Western Europe by the Soviet Union and its allies. I suppose we should be grateful that the U.S. cavalry has been disbanded
In the military world the defense spending means we need to get the Chinese to lend us money so that we can "afford" our defense spending, then various brass tell us that the Chinese are our biggest military threat!
The wasteful deficit spending and lack of accountability plague infosec where not only has the Cavalry not been disbanded, its the number one budget line item! Running up technical design debt since 1995.
A great post, Gunnar. I have only one quibble; you say "running up technical design debt since 1995". Firewalls have been around (and mostly useless) since way before 1995. The term was used in the movie "Hackers" in 1983; AT&T had one running by 1988. Marcus Ranum has a good presentation on firewall history here (PDF): http://www.ranum.com/security/computer_security/archives/firewall-early-days.pdf
Posted by: Bob Blakley | January 17, 2011 at 12:34 PM
thanks Bob, I was not aware of some of those historical references. I would say though a case could be made the design debt did not begin to incur until post 1995. The firewall + SSL model could be viewed as sufficient (or "well capitalized" ;-P) based on the type of transactions that were being run on the web at the time.
In any case whatever starting point, we need a QE2 stimulus for our security programs!
Posted by: gunnar | January 17, 2011 at 02:09 PM
Really apt reminder, thanks for surfacing! Though 1) it could only be made by someone of unequalled stature and 2) it had no effect. Maybe major rejiggering of resources happens only when things are stretched to the limit. A few mos of combat in WWI settled questions about the usefulness of cavalry that no amount of theorizing could. Or, "the recession finds what the auditors missed." Wasteful resource allocation is the luxury of avoiding hard tradeoff decisions. Maybe we have to be pressed a lot harder before we think sensibly about allocation in infosec.
Posted by: Cormac Herley | January 18, 2011 at 09:47 AM
@Cormac
wrt
" Maybe major rejiggering of resources happens only when things are stretched to the limit."
I agree, James Carville famously saying he wishes that when he dies that he would come back as the bond market because then everyone would be scared of him. So in this case the bond market forces governments to make hard choices that they are incapable of otherwise. Its playing out now all across Europe.
Posted by: Gunnar | January 18, 2011 at 09:54 AM