Dailydave mailing list archives
Re: Job postings
From: Rodney Thayer <rodney () canola-jones com>
Date: Thu, 18 Mar 2004 15:05:51 -0800
At 04:43 PM 3/18/2004 -0500, Dave Aitel wrote:
I think it's interesting that security is viewed as a strategic move by Microsoft.
Is it? I thought it was a bald-faced reaction to the fact their security sloppiness has finally threatened the bottom line.
I've always felt that people using it as a tactical "cost-benefit" analysis were missing a lot.
That's three different things. It's TACTICAL if you use it as a tactic. People who do knee-jerk purchases of pen tests are not acting in a tactical manner. It's a cost-benefit thing if you convince your beancounters it'll cost less to be secure than to clean up. I fing that to be rare. I do see people starting to notice that buying a firewall and pointing the syslog server somewhere other than the garbage can is a fine thing to do when the CFO is stomping through the halls shouting Sarbannes-Oxley Compliance or we're all dead!
Getting a strategic visibility on information security is something most organizations cannot do,
Totally agree here.
and something you see a lot of IDS vendors struggling to market
Disagree. This is the same old rut we've been in since Gartner's Whorehouse (oops - did I say that?) declared IDS' dead because someone paid them to say that. IDS are NOT like car alarms (i.e. they go off, nobody cares). They are like smoke detectors. Smoke detector have two sales cycles: shitty, most of the time terribly popular, the day after you see on the evening news that some home burned down with three little kids sleeping inside, and no smoke detectors. Oh, and by the way, I always assumed that other people on this list have a long trail of friends who've travelled to Redmond to interview for security positions, only to return and tell us all how insulting it is to be told by some old fart who's been working on Microsoft Word since it was implemented with Goose Feather Quills that "they don't have a security problem". I know of about 1/2 dozen who've been flown to Redmond to be insulted over the last year. _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://www.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Job postings Dave Aitel (Mar 18)
- Re: Job postings Rodney Thayer (Mar 18)
- RE: Job postings Mike Bailey (Mar 18)