How Much is Too Much?

We in computer and network security, and those who claim to be, find ourselves talking about paranoia. Now, the definition we are talking about is the second one we find on dictionary.reference.com, “Extreme, irrational distrust of others.” In computer and network security, the “extreme” part is alright, as is the “distrust of others.” Of course, it is the “irrational” part that doesn’t belong.

Rational distrust versus irrational is often what seperates the grownups from the youngsters (darn, that is the second time I wrote that word on this blog today, and it is still a year before I turn 50!) — in Internet parlance, the wizards from the newbies. It does not seperate those who have certifications from those who do not have them (not in the direction you might think, anyway). It takes experience and it takes risk assessment taking into account all controls too know what to be afraid of and what not to.
Yeah I might be a little bit loco
But it keeps me from losin’ my mind
Oh but half insane that’s ok
Babe a little bit crazy’s alright.
— From “Loco,” by David Lee Murphy

No comments: