This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Demythifying Cybersecurity
May/June 2010 (vol. 8 no. 3)
pp. 56-59
Edward B. Talbot, Sandia National Laboratories, California
Deborah Frincke, the Pacific Northwest National Laboratory
Matt Bishop, University of California, Davis
This article looks at four cybersecurity myths that recur in both popular literature and technical work: "more layers of defense are always better than fewer," "running my executables on my data on my system is secure because I control my system," "effective security is burdensome," and "trusted computing eliminates the need to trust people."

1. J. Campbell, The Masks of God, Vol. 4: Creative Mythology, Penguin Books, 1991.
2. C. Catlett et. al., A Scientific Research and Development Approach to Cyber Security, report submitted to the US Dept. of Energy, Dec. 2008, p. 2; www.er.doe.gov/ascr/ProgramDocuments/Docs CyberSecurityScienceDec2008.pdf.
3. K. Thompson, "Reflections on Trusting Trust," Comm. ACM, vol. 27, no. 8, 1984, pp. 761–763.
4. M. Bishop and D.A. Frincke, "Who Owns Your Computer?" IEEE Security & Privacy, vol. 4, no. 2, 2006, pp. 61–63.
5. Sun Tsu, The Art of War, Delta Publishing, 1989.
6. R. Naraine, "90-Day Report Card: Windows Vista Fared Better than Competitors," ZDnet, 22 Mar. 2007; http://blogs.zdnet.com/security?p=135.
7. T. Wu, "A Real-World Analysis of Kerberos Password Security," Proc. 1999 Symp. Network and Distributed System Security, Internet Soc., 1999, pp. 13–22.

Index Terms:
cybersecurity, security and privacy, layered defense, defense in depth, system complexity, three-factor authentication, trusted computing, computer security, computer science education
Citation:
Edward B. Talbot, Deborah Frincke, Matt Bishop, "Demythifying Cybersecurity," IEEE Security & Privacy, vol. 8, no. 3, pp. 56-59, May-June 2010, doi:10.1109/MSP.2010.95
Usage of this product signifies your acceptance of the Terms of Use.