Penetration Testing mailing list archives
Re: Internal Servers (noob post) misconceptions persist;
From: "R. DuFresne" <dufresne () sysinfo com>
Date: Thu, 25 Jun 2009 11:26:13 -0400 (EDT)
June 24, MXLogic - (International) CISOs see insiders as greatest `human threat' to data security.

The vast majority of chief information security officers surveyed at a CISO summit in June said that insiders are the greatest human threat to data security, while only 18 said they are concerned about threats from external sources such as cybercriminals and corporate spies. The survey by NetWitness Corporation and MIS Training Institute revealed that 80 percent of CISOs and CSOs feel insiders are the greatest human threat. A conference director at MIS Training Institute said the survey findings are "alarming," in that there is a "misperception that traditional security approaches alone can protect against information leaks and that some CISOs were not sure what they need for data protection or were not planning to focus any money in that area this year."

Although CISOs are at least thinking about insider threats, another recent survey of business managers found that executives seemingly do not think about insider threats to data security from ex-employees. A Courion Corporation survey revealed that 93 percent of business managers are confident that terminated employees pose no risk to their network security, even though many have limited knowledge of the systems to which their employees have access.

Source: http://www.mxlogic.com/securitynews/network-security/cisos-see-insiders-asgreatest-human-threat-to-data-security132.cfm

Thanks,

Ron DuFresne
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
admin & senior security consultant: sysinfo.com
http://sysinfo.com
Key fingerprint = 9401 4B13 B918 164C 647A E838 B2DF AFCC 94B0 6629

These things happened. They were glorious and they changed the world..., and then we fucked up the endgame. --Charlie Wilson
Current thread:
- Internal Servers (noob post) pma111 (Jun 02)
- Re: Internal Servers (noob post) ticktock123 (Jun 03)
- Re: Internal Servers (noob post) Micheal Cottingham (Jun 04)
- Re: Internal Servers (noob post) misconceptions persist; R. DuFresne (Jun 26)
- Re: Internal Servers (noob post) Micheal Cottingham (Jun 04)
- Re: Internal Servers (noob post) Terry M (Jun 03)
- Re: Internal Servers (noob post) Muhammad Farooq-i-Azam (Jun 03)
- RE: Internal Servers (noob post) Gorgon Beast (Jun 03)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Don Miesle (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- Re: Internal Servers (noob post) Jeffrey Walton (Jun 04)
- Re: Internal Servers (noob post) Wim Remes (Jun 04)
- Re: Internal Servers (noob post) R. DuFresne (Jun 12)
- RE: Internal Servers (noob post) R. DuFresne (Jun 04)
- Re: Internal Servers (noob post) Remo Cornali (Jun 08)
- Re: Internal Servers (noob post) ticktock123 (Jun 03)