Complexity, abstraction and security

Reading news like this one, I wonder how we could improve managing IT security or just be able to keep up with the current development of IT. I see two main trends:

  • complexity: IT systems are getting more complex at a very high speed; every system should connect with every other, should provide an incredibile number of features to different users, should run on many different platforms, and so on
  • abstraction: to be able to manage this complexity, the approach is to abstract the programming and managing level of IT: programming can take advantage of existent modules and just connect them appropriately at the functional level, providing also functionalities to monitor and manage the IT system themselves (for example it is now possible to deploy entire applications or virtual infrastructures just with a couple of “clicks”).

But what about security? Even if each component is “secure” (according to some definition of this word), how can be evaluated the “security” of the current and future IT systems?

There is no doubt that IT security in the last years has been a difficult subject, but I believe that in the next future we’ll need some new approaches and tools to be able to tackle the management of IT security due to the ever increasing complexity of IT systems.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s