You can't defend. You can't prevent. The only thing you can do is detect and respond.
Interpretation
The quote emphasizes the importance of detection and response over prevention in security.
Bruce Schneier's quote highlights the reality that in the realm of security, it is often impossible to completely prevent all threats. Instead, organizations and individuals must focus on being able to detect potential threats quickly and respond effectively to mitigate any damage, emphasizing a proactive stance in security management rather than a purely defensive one.
In practice
During a cybersecurity seminar, one might say, 'As Bruce Schneier noted, you can't defend; you need to focus on detection and response.'
History has taught us: never underestimate the amount of money, time, and effort someone will expend to thwart a security system. It's always better to assume the worst. Assume your adversaries are better than they are. Assume science and technology will soon be able to do things they cannot yet. Give yourself a margin for error. Give yourself more security than you need today. When the unexpected happens, you'll be glad you did.
The whole notion of passwords is based on an oxymoron. The idea is to have a random string that is easy to remember. Unfortunately, if it's easy to remember, it's something nonrandom like 'Susan.' And if it's random, like 'r7U2*Qnp,' then it's not easy to remember.
This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community.
It is poor civic hygiene to install technologies that could someday facilitate a police state.
Digital files cannot be made uncopyable, any more than water can be made not wet.
I am regularly asked what the average Internet user can do to ensure his security. My first answer is usually 'Nothing; you're screwed'.
Tomorrow there will be no division to Europe and Asia. These are old concepts that would remain only on maps. Everything will be united. Companies will be united. It is a process of structures growing due to the technological progress.
Man is still the most extraordinary computer of all.
Once you understand that everybody's going to get connected, a lot of things follow from that. If everybody gets the Internet, they end up with a browser, so they look at web pages - but they can also leave comments, create web pages. They can even host their own server! So not only is everybody consuming, they can also produce.
It is interesting to come across people who feel that a ghost communicating via a spell-checker is less far-fetched than a software glitch.
Our values are that we do think that people have a right to privacy. And that our customers are not our products.
It's the first time an exoskeleton has been controlled by brain activity and offered feedback to the patients. Doing a demonstration in a stadium is something very much outside our routine in robotics. It's never been done before.
Subscribe for the occasional hand-picked quote. No noise.