Full Disclosure mailing list archives
Re: "Hacker attacks won't hurt your company brand"
From: "Cal Leeming [Simplicity Media Ltd]" <cal.leeming () simplicitymedialtd co uk>
Date: Fri, 21 Jan 2011 11:24:15 +0000
It all depends what kind of breach happened. Breaches caused by script kiddies and their automated kits, aren't exactly very high profile, and usually come from poor security ethics surrounding the infrastructure (i.e. lack of updates, no NIDS in place, no port blocking, no IP whitelisting etc etc). Falling under this category would certainly NOT be credible to the company, as it shows their security game is piss poor. Breaches caused by rouge internal staff members, or where the company has been specifically targeted for a long play, would be the only circumstances where the publicity could actually be beneficial, as it creates interesting controversy, unlike the latter. All the above is just my opinion though, not proven fact (although I've headed up enough disaster recovery contracts after both ext and int breaches to have a clear insight as to how these kinda things go down) On Fri, Jan 21, 2011 at 11:02 AM, imipak <imipak () gmail com> wrote:
"...the idea that a breach is unlikely to kill your organization is spreading, because it’s backed by data." " If you’ve been spreading FUD [..] you’re going to face some harsh questions. By regularly making claims which turn out to be false, people undermine their credibility. If you’re one of those people, expect questions from those outside security who’ve heard you make the claim." "If you’re still doing it, you’re creating problems for yourself. Even worse, you’re creating problems for security professionals in general." (Adam Shostack, http://newschoolsecurity.com/2011/01/a-day-of-reckoning-is-coming/ ) Anyone? -i _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- "Hacker attacks won't hurt your company brand" imipak (Jan 21)
- Re: "Hacker attacks won't hurt your company brand" Cal Leeming [Simplicity Media Ltd] (Jan 21)
- Re: "Hacker attacks won't hurt your company brand" Valdis . Kletnieks (Jan 21)
- Re: "Hacker attacks won't hurt your company brand" Thor (Hammer of God) (Jan 22)