Skip to Main Content
In evolutionary terms, the information security field is more than a decade behind software development. Developers have evolved, businesses have increasingly bet their entire business models on the Web and networks, and both sides have increased their security budgets. But what has the security architecture (as it's deployed in the field) got to show for all of this? More firewalls and more Secure Sockets Layer (SSL) connections. Why has information security failed? The problem lies with its mission-confidentiality, integrity, and availability are fine statements to make, but they don't lead anywhere. Because information security has proven incapable of evolving, it's time to learn from a discipline that has mastered innovation-software development. In this installment of Building Security In, we'll learn what this field can teach us.