"Whichever way this thing goes, they're going to be left standing," McMillan said. However it turns out, McMillan and I agree that poor management, not technology, is the villain here.
"We should stop managing by crisis," he said. "That's how we got into this mess in the first place."
Perhaps, in that sense, the decision to keep healthcare.gov going, and to try to fix its flaws in mid-flight, is the right decision. And yet, if we get through this startup period without a major breach, it could be dumb luck, rather than savvy management, as our saving grace.
Bruce Schneier may be right. You might as well shut down the Internet. But the stakes have never been this high for a mission-critical Internet Web site.
Meanwhile, let's hope the government is judiciously reinforcing its security policies, ranging from employee policies to data-loss prevention infrastructure. Before all is said and done, every bit of those precautions will be necessary.