The entire technology world – not just IT – is constantly changing. Recent changes force a reexamination of assumptions about information security made only a brief time ago.  Emerging technologies, once emerged, turn out to be a bit scary. Perhaps that’s because the law of unintended consequences operates strongly at the bleeding edge, where tools end up cutting both ways. Many talk about "grand challenges in information security", while foolishly implementing things that are supposed to represent data but somehow end up being executable. At the moment, the most sophisticated measurements of security are things like bug counts, and do not address tradeoffs in managing security processes. Attacks which were thought to be impractical or uneconomical are now possible as a result of everything becoming smaller, faster, more sensitive, always connected, mobile, ubiquitous and cheap. Seiden’s talk lays out the landscape using stories and examples, and try to persuade you of the benefits of rethinking some of those assumptions to make your systems a bit more future-resistant. From the Series:CSE Colloquia - 2007