TMCnet News

Information Security: The New Bloodletting
[October 01, 2015]

Information Security: The New Bloodletting


BOSTON, Oct. 1, 2015 /PRNewswire/ -- It used to be that every practicing physician was thoroughly trained on how much blood to drain at what stage of all common ailments – until research demonstrated that bloodletting is useless and even harmful.

Photo - http://photos.prnewswire.com/prnh/20150930/272487

Now Wes Kussmaul claims that most information security technology is as useless as bloodletting.

As the founder of Delphi Internet Services Corporation, which was acquired by Rupert Murdoch's News America Corp., Kussmaul has been involved with the online world since 1981.

In his new book entitled Don't Get Norteled, Kussmaul notes that almost all information security technology depends upon determining the intentions and character of the sender of a stream of bits. "That's like asking a building's lobby receptionist to determine the intentions and character of everyone who walks through the door. It's impossible" says Kussmaul, "except in the case of an amateur attacker who lacks skills and funding. And those are not the attackers you need to worry about."

Jst as practitioners of bloodletting worked to assure the public, security experts work to assure us that their methods are working. But, claims Kussmaul, failure to think through that basic assumption has deflected attention from proven Authenticity-based solutions.



The subtitle of Don't Get Norteled is "Authenticity works where security technology has failed us." The author explains that "Authenticity with a capital A is the condition that exists when all significant events are digitally signed by user-owned universal credentials based upon digital certificates of measurable reliability."

The title, Don't Get Norteled, refers to the fate of the officers of Nortel Networks, a ten billion dollar maker of network equipment that went bankrupt in 2009. As the company was failing it was learned that the usernames and passwords of Nortel's top seven officers had been compromised for years by hackers apparently operating from the company's competitors in China. The author demonstrates that Nortel could have prevented the disaster by using the methods of Authenticity.


Written for CEOs, COOs and CFOs rather than technologists, Don't Get Norteled, 469 pages, ISBN 978-1-931248-25-9 is published by PKI Press and is available in ebook and print form from the PKI Press Bookstore, https://pkipress.com/ and from other booksellers. Review copies available.

PKI Press was established in 2001 to serve readers interested in issues of identity, authentication, privacy, and online community. If you're interested in the future of the Internet, browse our online catalog to find indispensable books for both technical and non-technical audiences.

Contact: Harvey Wharfield, Post Oak Associates
(978) 635-9586 | Email

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/information-security-the-new-bloodletting-300152386.html

SOURCE PKI Press


[ Back To TMCnet.com's Homepage ]