Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly)

From: George Capehart <capegeo () opengroup org>
Date: Mon, 29 Sep 2003 10:55:40 -0400
On Monday 29 September 2003 08:23 am, Michael Scheidell wrote:

<snip>



These fins and jail time will directly target the C/Board level, and
only indirectly affect the security teams (they may lose their jobs
when the company they work for goes bankrupt)

Its only a matter of time before the lawyers finish up with big
tobacco and move on to SARBOX/HIPAA and GLBA work.


My $0.02.


I'll see you that .02/c and raise you 5 million dollars (the Maximum
fine under SARBOX)


<cynical grin>  Would that that would really help.  I guess maybe in the 
long run it might, but I'm not holding my breath.  There's still the 
small matter of connecting cause with effect and then implementing a 
program that will function appropriately at all levels of the 
organization.  I'll bet a dozen Krispy Kremes that the response of many 
Boards and C-level officers will be a knee-jerk "Off with their heads" 
followed by a return to business as usual.  It's a lot easier to offer 
up a sacrificial lamb than it is to change corporate culture . . . But 
it will certianly be interesting to follow . . .  ;-)

Regards,
-- 
George Capehart

capegeo at opengroup dot org

PGP Key ID: 0x63F0F642          http://pgp.mit.edu
Key fingerprint:  BE7A 9A4A 6A8F 363A BAC5  4866 631B B2F6 63F0 F642

"It is always possible to agglutenate multiple separate problems into a
 single complex interdependent solution.  In most cases this is a bad
 idea.  -- RFC 1925

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: