Patrick Joyce

January 24, 2007

Beyond Fear

Beyond Fear

I recently read Beyond Fear by Bruce Schneier and I absolutely cannot recommend it more highly. The book seeks to look at security in an objective and rational way. Far too often our public discourse is shaped by fear mongering and the result is that ineffective, unpalatable, or dangerous security measures are forced upon us. The goal of the book is to establish a framework with which the trade offs of a proposed security measure can be evaluated. Through calmly and rationally examining proposed security measures we can hope to move beyond the propaganda and fear towards a society that is not only secure, but free. To that end he proposes a five simple questions to ask when examining security measures:

  1. What assets are you trying to protect?
  2. What are the risks to these assets?
  3. How well does the security solution mitigate those risks?
  4. What other risks does the security solution cause?
  5. What costs and trade-offs does the security solution impose?

I think that the examination of costs and trade-offs is a step that far too often is ignored. All security measures have costs, and the opportunity cost of any security measure should not be underestimated. Money spent on a fence on the Mexican border cannot be spent for more border patrol officers. Mr. Schneier's summation of the issue on page 14 is excellent:

Every security system has costs and requires trade-offs. Most security costs money, sometimes substantial amounts; but other trade-offs may be more important, ranging from matters of convenience and comfort to issues involving basic freedoms like privacy. Understanding these trade-offs is essential.

Bruce Schneier Beyond Fear (Page 14)

Mr. Schneier comes from the computer security field, yet this book focuses on real world security. That said the system of thinking he advocates applies equally well to all security situations, be they real or virtual.

Everyone should read this book. Every politician should be required by law to read it.

Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety.

Benjamin Franklin

More Articles on Software & Product Development

Agile With a Lowercase “a”
”Agile“ is an adjective. It is not a noun. It isn’t something you do, it is something you are.
How Do You End Up With A Great Product A Year From Now?
Nail the next two weeks. 26 times in a row.
Build it Twice
Resist the urge to abstract until you've learned what is general to a class of problems and what is specific to each problem.