Since “publishing” the whitepaper Evolution of Information Security Technologies within Microsoft in late 2005, where I currently work as a Principal Security Architect, I’ve received numerous requests to make its content available for public consumption. After far too long a delay, I’ve decided to do so. I sincerely hope you find it nutritious, and that it provides a useful framework to assist you in assessing, understanding, and even driving the upcoming years of technological evolution in the Information Security space.
I have to clarify that, while I hold the content of the document to be both correct and useful, it should not be interpreted as a statement of strategy or direction on behalf of Microsoft Corp, or any statement by Microsoft Corp. at all. It’s nothing more or less than my view of how things are, and will/should be :). That said, it is also true that the concepts therein have been broadly consumed within Microsoft IT, and leveraged heavily by IT in defining security strategy and security investment prioritization.
Update: the document has made more rounds, and keeps popping up in other places. For example, I got to work with Dan Blum to include its essence in his Shifting Defenses whitepaper, and it has showed up at I-4, etc. Thanks for continuing to spread the message!
Note that the PDF Evolution of Information Security Technologies is the document in its entirety; the PNG file (Evolution of Information Security Technologies – Graph Only) is a better-resolution copy of the “evolution graph,” which is the component of the document that I’m most frequently asked for permission to reproduce. I welcome you to do so as well, and ask only that you cite the source wherever it appears.
Dan Hitchcock's Blog 
