Dailydave mailing list archives

Thoughts Re: Monday Morning Marketing from SANS

From: "J.A. Terranson" <measl () mfn org>
Date: Mon, 19 Sep 2011 15:28:05 -0500 (CDT)

<ranting thoughts>

I was a principal in a security / forensics firm starting in roughly 2004, 
and from day 1, we carried (at exhorbitant costs I might add), a 
$10,000,000.00 E&O policy, precisely on the premise that we *would*, 
*someday*, get something wrong (and need to make restitution for that 
error).  The drafting of the policy was apparently a first, as we went 
through a half dozen large brokers to get *anyone* to sign off on such a 
policy.

While the industry is 99% snake oil, and I suspect will always remain 
snake oil (due to our decision decades ago to accept that buggy software 
"met the condisitions of the contracted work"), I don't see the 
"professional associations that have popped up as ding more than making 
the problem worse.

SANS has been a particular thorn in my side (along with ISC2), as the most 
incompetent and useless excuses for "experts" I jahve ever met all seem to 
have a hundred ridiculous initials after their name.  The CISSP (which 
appears to be a permanent fixture after the name of everyone who gets one) 
is a joke, as the basic qualifications are not just ignored for 
qualification, but for practice (ever try and report a "5 year veteran" 
who just got his initials but is still learning to ask a girl out for a 
first date? "The CISSP is self-policing".  So much for that!).  Or how 
about all of the grandfathered CISM/CGEIT/CISA, pick an initial, who cant 
find a strcopy from a strcpy?

And then there are all of the "professional witnesses" popping up who can 
answer basic questions about things their resume (oops, sorry, "CV") says 
they are experts in (how many embedded systems experts are really out 
there in the 20-35 year age group?  I don't know, but I've seen a LOT more 
claimed [all accepted as experts by courts who know even less] than really 
exist.

If we are going to present ourselves as professionals, then we shouod damn 
well behave like professionals, hold each other accountable as 
professionals, and prepare to be licensed as professionals.

</Ranting thoughts>

//Alif

-- 
I hate Missouri.  Land of the free, home of the perjuriously deranged.
_______________________________________________
Dailydave mailing list
Dailydave () lists immunityinc com
https://lists.immunityinc.com/mailman/listinfo/dailydave

Current thread:

Monday Morning Marketing from SANS Dave Aitel (Sep 19)
- Re: Monday Morning Marketing from SANS hal999 (Sep 19)
- Re: Monday Morning Marketing from SANS Tim Newsham (Sep 19)
- Re: Monday Morning Marketing from SANS Peter Le Bek (Sep 19)
- Thoughts Re: Monday Morning Marketing from SANS J.A. Terranson (Sep 19)