Zero-Sum and security… oh, and layoffs

Posted by in Analysis on May 20, 2009

So I was catching up on reading and I happened to stumble upon a post by Sam Curry over at the RSA blog called Little Orange Line – Breaking Out of the Zero Sum Security Curve. Pretty cool read.

I was interested in it for a few reasons… first, it’s Sam, who’s awesome. Second, it’s also interesting to reflect on as a concept. The point that Sam recounts is that security is a zero-sum when it comes to security vs. performance. Meaning, in order for one to win, the other loses – or in other words, that a win for one is a loss for the other (kind of like rock-paper-scissors).

The reason I think it’s interesting is because security/performance are usually trade-offs (enough so that we usually think about it that way), but it doesn’t necessarily have to be the case. Why? Because reduced performance is a byproduct, not a law, in security. Meaning, that there’s no universal constraint that requires it be this way. For example, if you play a game of checkers, one player wins, one player loses. There’s no creative strategy that someone could use that would let both players win. Why not? Because those are the rules. But somebody could come up with a technology that increases performance *and* security – doesn’t usually happen, but it could. Anyway, I think it’s interesting for mulling over.

Also, on a completely different front, there’s more layoffs a-comin’ in FS. I’m interested why we’ve made such strides in fields like engineering and medicine, but yet our approach to operational efficieny. Shouldn’t we have a science of efficiency as advanced as what we have in other sectors? It’s still “fire people to improve efficiency” which seems to me sort of like cutting off a limb to fight infection. Sure it gets rid of the problem, but wouldn’t a more surgical approach be better and more ethical? Why is it that organizations waste time, energy and resources doing things the same old reactive way and then fire a bunch of people because of “operational inefficiencies”? It’s lame.

Someday I’m going to start a corporate efficiency think-tank.

Search
TwitterRssFacebook