Hi folks,
It’s been a while. Sorry to rob you of your favorite posts for so long.
A few weeks ago I visited some friends in West Virginia, deep in coal country. It’s hard to overstate the importance of coal to that area and the yearning for a return of related jobs. Which makes you appreciate your opportunities when you realize that people are clamoring for the chance to spend their days underground in dark and dirty tunnels, digging out flammable chunks of earth and liberating explosive gasses in one of the ten most hazardous professions.
The drop in coal demand was a surprise to many, including an Englishman who’s been dead for 134 years – William Stanley Jevons. Jevons was an economist, and in his 1865 book The Coal Question, he articulated the Jevons Paradox. It describes when technological improvements enhance the efficiency with which a resource is used, but the rate of consumption of that resource goes up instead of down.
In Jevons case, he was talking about the unexpected increase in coal consumption following the introduction of new, more efficient steam engines. But modern examples abound, too – particularly in technology. Our processing power has followed Moore’s law, but instead of using the increase in processing capabilities (and accompanying storage capabilities) to execute tasks more efficiently, we’ve used up every ounce of that additional capacity. As our technology has become more efficient, our consumption has more than kept pace.
For those of us in security, that’s a problem.
Why? Because the bigger our digital footprint, the more difficult it is to secure our data and assets. In the words of another long-dead European guy:
Frederick becomes more right as what you’re trying to defend (digital or physical) increases in size. The further our sensitive data and assets spread, the more challenging it is to adequately protect them. So what can we do?
Practice digital minimalism. Google indicates this isn’t really a thing in this context – I may trademark it. But the gist is that less data, fewer systems, fewer applications = more security with less cost and less complexity. Think IKEA for the IT world.
Eh, maybe not the frustrating assembly part, but the simple, streamlined design part. The success of that approach depends on business discipline, too, of course. IT should never self-generate – it should reflect the needs of the business – and the business should take a measured approach when requesting an expansion of IT. But for those of us who live within the IT sphere, we can at least maintain a lean mentality for those things within our control. By doing so, we’ll improve the security of the agency.
Rex