The future of data security is considered with reference to a perceived complacency about the ability to detect increasingly sophisticated intrusions. Also considered are the difficulties in assessing the extent of computer-related crime and its costs and whether current prevention and detection efforts are adequate. The fact that computer crime is essentially a people problem and that safeguards must be designed to increase the trustworthiness of people also is noted. The role of internal and external auditors in detecting abuses or fraud is discussed. A suggestion for greater cross-fertilization between EDP auditors and security officers is discussed, as is the role of information security in preventing, discovering, deterring, and recovering losses. The feasibility of incorporating security as a technological design criteria is considered. Data integrity is discussed in relation to the increasing combination of data and word processing, and the importance of thoroughly labeling this data to track origin, source, authority, and procedures is noted. Finally, the application of traditional ethical and moral values to a new technology is considered.