Secrets and Lies
Secrets & Lies: Digital Security in a Networked World
By Bruce Schneier
John Wiley & Sons, 2000, 412 pp.
$29.99
By Eugene E. Kim
Bruce Schneier is a well-respected cryptographer, inventor of the Blowfish algorithm, and author of Applied Cryptography, one of the most important and useful books written on the subject. If anyone could write a definitive book on digital security, it would be him.
However, when Schneier first started writing Secrets & Lies: Digital Security in a Networked World, he realized that the way he'd been thinking about security was all wrong. That's not the sort of epiphany you'd expect an authority like Schneier to have, or at least admit to having. As he explains in the book's afterword, he originally thought security was about prevention. That assumption eventually upset him, because his years of experience as a cryptography consultant seemed fruitless in that regard. Despite his efforts, and those of like-minded and equally qualified individuals, security problems in the digital world continued to grow exponentially.
Schneier's epiphany was that security isn't simply about prevention, but about managing risk. He also realized that risk management is a holistic process that includes prevention, detection, and response. This led to a career path change for Schneier, and to the rewrite and publication of a very important book for the rest of us.
What Is Security?
Schneier's book begins by dispelling the common myth that cryptography is synonymous with security.