IBM Research’s Chief Technology Officer of Security & Privacy Dr. Charles Palmer told The New New Internet about some of the pressing challenges he’s faced in his role. “The biggest challenge has been getting people to understand two aspects of security; one is that you can never bolt it on at the end of your process. Whether you are talking about securing gates at an airport or highly complicated software or building security into a car–you can’t add it on at the end, it has to be a part of the design. A lot of the security we are living with today is bolted-on after the fact, and we see how well that works on many of our enterprise and home systems.”
He also highlighted the need to balance security with privacy for optimum results.
“The other challenging aspect is with regards to privacy, ” said Palmer. “I’m on advisory boards for privacy with DHS and spend a fair amount of time there–and it sounds like it is a weird thing for a security guy to do–but the bottom line is security and privacy are not antagonists; they are not enemies or opposite ends of a scale. You don’t balance security with privacy–that’s the wrong metaphor. What I’ve had a hard time getting people to understand, and they are coming around slowly, is that security and privacy are like two voices in a piece of music. They have to be harmonized. They have to be developed together. They cannot be two unrelated things slapped together, because will likely sound awful. That doesn’t work; one will win or at least dominate the other. No, they have to be developed together in a harmonious manner, so that at least if you are thinking about them both from the beginning, you have a much better chance of having something that has attributes of both when you are done.”
Click here to read the whole interview.
