Almaden Institute

How to Think About Security Abstract: Security is always a matter of tradeoffs. When evaluating a particular security measure, you have to make two decisions. One, you have to decide if the particular security measure is effective for you in your situation. And two, you have to decide if it’s worth doing: if the security benefits outweigh the tradeoffs. This talk outlines a five-step process for making this determination and illustrates by discussing a variety of security countermeasures.   Bruce Schneier - Bio  Bruce Schneier  Founder and Chief Technical Officer,  Counterpane Internet Security, Inc.  schneier@counterpane.com  Web Sites  http://www.counterpane.com Biography Internationally-renowned security technologist and author Bruce Schneier is both a Founder and the Chief Technical Officer of Counterpane Internet Security, Inc. Counterpane provides Managed Security Monitoring services to organizations worldwide. This outsourced real-time monitoring service uses a unique combination of people and technology to safeguard computer networks. Using sophisticated analysis and correlation tools, Counterpane’s expert Security Analysts monitor the entire network for suspicious internal and external activities and help an organization take immediate action to keep its business running smoothly. Schneier is responsible for maintaining Counterpane’s technical lead in world-class information security technology and its practical and effective implementation. Schneier’s security experience makes him uniquely qualified to shape the direction of the company’s research endeavors, as well as to act as a spokesperson to the business community on security issues and solutions. Schneier is the author of six books, including Secrets & Lies: Digital Security in a Networked World. Published in October 2000, the book has already sold 80,000 copies. One of his earlier books, now in its second edition, is the seminal work in its field and has sold over 150,000 copies and has been translated into five languages. He writes the free e-mail newsletter Crypto-Gram, which has over 70,000 readers. He has presented papers at many international conferences, and he is a frequent writer, contributing editor, and lecturer on the topics of cryptography, computer security, and privacy. Schneier designed the popular Blowfish encryption algorithm. And Schneier’s Twofish was a finalist for the new Federal Advanced Encryption Standard (AES). Schneier served on the board of directors of the International Association for Cryptologic Research and is an Advisory Board member for the Electronic Privacy Information Center. Schneier holds an MS degree in computer science from American University and a BS degree in physics from the University of Rochester.