75
4
Ho w Se c u r i t y cH a n g e d
Po S t 2000
In the introduction and also the previous two chapters I have written
briey regarding changes in security over the past decade and more,
I have introduced the security professionals involved: the Hacker and
the Hacker’s successor—the CASE.
To better understand the problems in modern information security
risk management, we need to understand how and why the problems
were introduced. Back in the pre-2000s Hacker era, security was
very far from perfect, but the changes that took place roughly from
2002 onward certainly did not lead to improvements; instead, things
seemed to get worse, with organizations spending increasingly more
on security products and personnel, with little or no return. ...