This Article 
 Bibliographic References 
 Add to: 
Demythifying Cybersecurity
May/June 2010 (vol. 8 no. 3)
pp. 56-59
Edward B. Talbot, Sandia National Laboratories, California
Deborah Frincke, the Pacific Northwest National Laboratory
Matt Bishop, University of California, Davis
This article looks at four cybersecurity myths that recur in both popular literature and technical work: "more layers of defense are always better than fewer," "running my executables on my data on my system is secure because I control my system," "effective security is burdensome," and "trusted computing eliminates the need to trust people."

1. J. Campbell, The Masks of God, Vol. 4: Creative Mythology, Penguin Books, 1991.
2. C. Catlett et. al., A Scientific Research and Development Approach to Cyber Security, report submitted to the US Dept. of Energy, Dec. 2008, p. 2; CyberSecurityScienceDec2008.pdf.
3. K. Thompson, "Reflections on Trusting Trust," Comm. ACM, vol. 27, no. 8, 1984, pp. 761–763.
4. M. Bishop and D.A. Frincke, "Who Owns Your Computer?" IEEE Security & Privacy, vol. 4, no. 2, 2006, pp. 61–63.
5. Sun Tsu, The Art of War, Delta Publishing, 1989.
6. R. Naraine, "90-Day Report Card: Windows Vista Fared Better than Competitors," ZDnet, 22 Mar. 2007;
7. T. Wu, "A Real-World Analysis of Kerberos Password Security," Proc. 1999 Symp. Network and Distributed System Security, Internet Soc., 1999, pp. 13–22.

Index Terms:
cybersecurity, security and privacy, layered defense, defense in depth, system complexity, three-factor authentication, trusted computing, computer security, computer science education
Edward B. Talbot, Deborah Frincke, Matt Bishop, "Demythifying Cybersecurity," IEEE Security & Privacy, vol. 8, no. 3, pp. 56-59, May-June 2010, doi:10.1109/MSP.2010.95
Usage of this product signifies your acceptance of the Terms of Use.