Security Basics mailing list archives
Re: Heartland Gets Religion on Security
From: security curmudgeon <jericho () attrition org>
Date: Sat, 20 Jun 2009 21:09:57 +0000 (UTC)
: I agree. Over at DataLossDB, I inquired about adding a column for the : firm(s) performing the audit in an attempt to [possibly] correlate : breaches with firms. Unfortunately, DataLossDB did not feel they had the : resources to accommodate. I can't help but feel there is an Enron/Arthur : Anderson relationship among some of these folks. That is not exactly what we said =) We said that for less than 1% of incidents we know the auditor. For the few that have come to light, I have been adding them as a comment to the entry. We can add a column fairly easily, but it will end up being almost completely empty. Such columns generate more questions and complaints than it's worth sometimes. If anyone can demonstrate that the auditor's name is easy to obtain or will help us with the research, it may speed up the decision to add it. Brian DatalossDB.org ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Need to pass the CISSP? InfoSec Institute's CISSP Boot Camp in both Instructor-Led and Online formats is the most concentrated exam prep available. Comprehensive course materials and an expert instructor means you pass the exam. Gain a laser like insight into what is covered on the exam, with zero fluff! http://www.infosecinstitute.com/courses/cissp_bootcamp_training.html ------------------------------------------------------------------------
Current thread:
- Re: Heartland Gets Religion on Security security curmudgeon (Jun 22)