Partilhar via

Is Effective Information Security an ART or a Science?

  • Artigo

Let's start with a definition to set the tone - this is one I've made up:

"Effective Security is enables business to be MORE effective whilst minimising risk to an acceptable level as defined in a meaningful security policy that has teeth".

I'm sure one of you could suggest a more eloquent way to expressing my definition - please add a comment to share your suggestions.

I don't know about you but I my instinct is to seek binary answers to questions even though I know in reality that few answers are clear cut.

IMHO Information Security is an ART as it's subjective and influenced by your preconceptions. Creativity and lateral thinking are attributes I look for in security professionals.

Some aspects of information security are technical, others of course are process and people oriented.

It's ALSO a SCIENCE IMHO - read on...

The dictionary definition of "science" provides some interesting fuel for this discussion based on the following extract:

"An activity that appears to require study and method....
...Knowledge, especially that gained through experience"

Effective Information Security certainly requires all of the above.

What do you think? Please take a moment to share your thoughts by posting a comment.

Comments

  • Anonymous
    April 05, 2006
    There are elements that pass for scientific method - you can certainly set up a control  to show what would happen to a system that hasn't had a particular security measure applied, and run an experiment to verify theory.
    Unfortunately, much like economics, the environment is largely comprised of people, so yesterday's experimental result may not be repeatable or reliable tomorrow.
  • Anonymous
    April 05, 2006
    I think information security has a greater mass of science with smaller art like appendages at the edges of our industries understanding.
  • Anonymous
    April 07, 2006
    This is a bit like is Sociology an art or a science? It certainly fits your dictionary definition of science. But is most sociology objective? We are after all humans studying humans!