ABSTRACT
Avalanche! With new information doubling every five years (soon to be every two and a half years!), information security professionals may find themselves buried in an information avalanche. Where a new security standard in the financial services area could, in the past, safely take three to five years in the making, we now frown when it takes two years. Where we would, historically, rarely work on even two standards in parallel, we now must work on a dozen. Prior to 1986, the Internet Engineering Task Force (IETF) did not exist. Today, we have thousands of Requests for Comment (RFC) documents, many of which are on the IETF standards track. With the American National Standards Institute (ANSI) accredited standards bodies, with the International Standards Organization (ISO), with the International Telecommunications Union (ITU), and other national and international standards bodies, the information security professional faces hundreds of security-or privacy-related standards, guidelines, or regulatory initiatives each year.
