Security Engineering is a multi-disciplinary field that uses many different tools, processes and methodologies to design and engineer systems that will stand up to malice or error. These systems must not only meet and exceed tests against current known threats, but also ensure the capability to adapt to new and unknown threats.
Engineering an effective system requires an expertise in cryptology, computer security, psychology, audit and law. Systems Engineering, referring to the analysis and testing of software design and evaluation, is generally not thorough enough to provide full protection; it may help to contain error and mischief, but fall short of stalling malice.
The failure of computer security systems can have detrimental effects on the environment, endanger the lives of citizens, damage the economy, endanger privacy, invite and facilitate crime and cause collapse of business sectors. A few of the most vulnerable sectors requiring security engineering include nuclear safety, banking, and medical records.
Software Engineering ensures that certain things do happen; Security Engineering ensures that they don’t. Systems failure is often caused by an attempt to protect the wrong thing; Security Engineering insures that the right thing is protected in the right way.