

Perverse Effects in Defense of Computer Systems: When More is Less

8 years 10 months ago
Perverse Effects in Defense of Computer Systems: When More is Less
With computer security spending on the rise, organizations seem to have accepted the notion that buying more—and more expensive—defenses allows them to better protect their computer systems and, accordingly, their business and customers. In the context of complex computer systems, however, defenses can also have the opposite effect, creating new, unforeseen vulnerabilities in the systems they are intended to protect. Advocacy for defense-indepth and diverse security measures has contributed to creating this “more is better” mentality for defending computer systems which fails to consider the complex interaction of different components in these systems, especially with regard to what impact new security controls may have the operation and functionality of other, pre-existing defenses. In this paper, we describe and give examples of several categories of perverse effects in defending computer systems and draw on the theory of unintended consequences and the duality of technology...
Josephine Wolff
Added 03 Apr 2016
Updated 03 Apr 2016
Type Journal
Year 2016
Authors Josephine Wolff
Comments (0)