Full Disclosure mailing list archives

RE: Need some advice for a new customer

From: "Handy, Mark (IT)" <Mark.Handy () morganstanley com>
Date: Thu, 16 Feb 2006 21:43:45 -0500

Agree completely. 


Mark Handy
STAR (Security Threat Assessment and Response)


-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Peter
Besenbruch
Sent: 13 February 2006 11:19
Cc: full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Need some advice for a new customer

Here's the question:

Should the company notify their customers of a POSSIBLE compromise of 
their data? I have been trying to convince them that they should 
operate as though the data is compromised. Is that the right position 
to take as a security consultant?


What would be the consequence to their business be if the news of
compromise came from a third party, and not the business itself? They
need to get out front on this.
--
Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky
Atlas: http://www.hawastsoc.org/deepsky
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--------------------------------------------------------

NOTICE: If received in error, please destroy and notify sender.  Sender does not waive confidentiality or privilege, 
and use is prohibited.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Need some advice for a new customer Red Leg (Feb 13)
- Re: Need some advice for a new customer Peter Besenbruch (Feb 13)
- <Possible follow-ups>
- RE: Need some advice for a new customer Handy, Mark (IT) (Feb 16)