Firewall Wizards mailing list archives
Re: Security Policy methodologies
From: Anton J Aylward <anton () the-wire com>
Date: Tue, 06 Jan 1998 16:52:17 -0500
At 08:09 AM 06/01/98 -0800, Larry J. Hughes Jr. wrote:
Second, there are many pointy-hairs around who will misuse the statistics. "What? Only a 0.01 percent chance of email being snooped? That doesn't justify spending $X per seat to implement PGP companywide. Think of the money we'll save that our competitors will spend. That gives us a real competitive edge."
Do you remember the Two Men and The Bear story? You don't have to run faster than the bear, only faster than the other guy. So the hackers say "Oh, he's using PGP, lets find an easier target". The 0.01% has just turned into a 98.4%. How's that for a competitive edge? /anton -------------------------------------------------------------------------- Anton J Aylward | "Quality refers to the extent to which System Integrity | processes, products, services, and InfoSec Consulting | relationships are free from defects, Voice: (416) 421-8182 | constraints and items which do not add Fax: (416) 421-8183 | value." - Dr. Mildred G Pryor, 1995
Current thread:
- Re: Security Policy methodologies, (continued)
- Re: Security Policy methodologies Marcus J. Ranum (Jan 03)
- Re: Security Policy methodologies Ted Doty (Jan 05)
- Re: Security Policy methodologies Aleph One (Jan 05)
- Re: Security Policy methodologies Ted Doty (Jan 05)
- Re: Security Policy methodologies Larry J. Hughes Jr. (Jan 06)
- Re: Security Policy methodologies Rick Smith (Jan 07)
- Re: Security Policy methodologies Ted Doty (Jan 07)
- Survey so far - Security Policy methodologies Bret Watson (Jan 04)