People have a tendency to strongly prefer avoiding losses to acquiring gains. For example, which would make you feel better: getting a $10 discount, or getting a $10 gift card?
If you answered the latter, you’re obviously not human and should report to the nearest alien processing facility where you will be “massaged” in the Dissect-o-topsy 3000.
For those readers not keen on sucking out human brains through a sippy-straw, this phenomenon may explain why network security always tends to be “sexier,” and to get more attention, than network management and application performance. The heroes are never the guys who save the company $1M over 5 years; they’re the guys that prevent a $100,000 loss from a malicious hacker.
But there are certain cultural and practical considerations as well. For example, very few people know what “latency” is. Instead, a decision-making executive is more likely to know – or think they know – what a computer “hacker” is. (Let’s not get into the hacker vs. cracker nomenclature debate right now.)
In short, it can be a lot easier to get funding to prevent a potential loss than it is to invest in a known gain.
But there are other considerations too – regulations designed to protect, not the company and its assets, but everyone else. Security expert Bruce Schneier put it this way:
If ChoicePoint has lousy security and someone steals our identity information, we are harmed. But to ChoicePoint, it’s an externality. ChoicePoint isn’t a charity, and it’s not going to improve its security out of the goodness of its heart. If we want ChoicePoint to protect our data, we’re going to have to force them. We need to raise the cost of their having lousy security, so it’ll be cheaper for them to have good security.
At least, that’s the idea behind regulation. Unfortunately, reality isn’t nearly as simple as the theory. When you’re talking about regulation, the devil is in the details.
With regulation, an emphasis on security over performance starts to make more sense, because while poor network performance can cost a company over the long term, it usually doesn’t pose as much of a problem for the general public as a data breach would. It’s just the nature of the business.
Even so, we see more crossover between the performance and security spaces daily. Anomaly detection can be used to detect performance problems as the first tiny bits of evidence pop up – or malicious activity as it occurs. Retrospective analysis provides both performance data and forensic evidence for intrusion.
And of course, if your network is performing poorly, it’s nice to know whether that’s because of short-sightedness or sabotage.
At any rate, maybe we’re a bit too worried about network security when there are other real problems. After all, it wasn’t a hacker that took out Bear Stearns, Fannie Mae, Freddie Mac, Lehman Brothers, or Merrill Lynch.


