The author's significant Department of Defense experience helps explain why he suggests security controls such as C2 (a rating granted by the National Computer Security Center for products that have been evaluated against the Department of Defense Trusted Computer System
Evaluation Criteria) and shielding for TEMPEST (which refers to security of telecommunications devices that emit electromagnetic radiation).
The Common Criteria for Information Technology Security Evaluation (or "Common Criteria") is a multinational successor to the previous Department of Defense Trusted Computer System
Evaluation Criteria (TCSEC or "Orange Book" criteria).
Although the notion of trust has been used to describe the security architecture of computer systems (for instance, the Trusted Computer System
Evaluation Criteria), we need to inject this notion into organizational theory surrounding secure information systems.