Bruce Schneier. Compiled by Tom Verhoeff in April 2004.
Beyond Fear: Thinking Sensibly about Security in an Uncertain World
Copernicus Books (Springer Verlag), 2003.
ISBN 0-387-02620-7
...
"In most security systems, active failures are more frequent than passive failures. Security countermeasures continually affect the normal functionality of the system, while they only occasionally affect attackers. (Actual attackers are, after all, relatively rare.) This magnifies the effects of active failures, and the impact security systems have on the innocent. ... Systems with a relatively high rate of active failures are almost always more trouble than they're worth because of the high rate of false alarms."
...
"Yet perhaps the most common security mistake of all is to expend considerable effort combating outsiders while ignoring the insider threat."
...
"The best way to deter terrorist attacks is to deny terrorists their goal by giving them only minimal media coverage. Admittedly, doing this is difficult in practice."
"Complex systems have even more security problems when they are nonsequential and tightly coupled."
...
"Every security system, without exception, needs trusted people to function, though these people are not necessarily trustworthy."
"All detection and response that involves people requires procedures. Response is difficult and complicated, and the times that a response is called for are likely to be stressful. If you want any hope of getting any of it right, you need to have procedures in place beforehand."
"Planning is one of the most important aspects of security defense, especially for detection and response. Protocols and procedures need to be thought out, and are subtle and hard to get right. And the only way to get them right is to plan carefully."
...
"Finally there is testing, one of the hardest things in security. On one hand, it's impossible to test security. On the other, it is essential to test security."