Full Disclosure mailing list archives
Re: Fwd: Rate Stratfor's Incident Response
From: Bob Dobbs <bobd10937 () gmail com>
Date: Mon, 9 Jan 2012 10:34:40 -0800
On Sat, Jan 7, 2012 at 5:42 PM, <Valdis.Kletnieks () vt edu> wrote:
It matters a lot less than you think. Go look at Sony's stock price while they were having their security issues - it was already sliding *before* PSN got hacked, but continued sliding at the *exact same rate* for several months, with no visible
Indeed. It is surprising to me that customers don't care more about this than they do. But the customer, in the end, doesn't seem particularly concerned about their personal data. If they did they would stop buying, revenue would fall, and stock price would fall. As high priority as the IT Sec people usually think it should be, or as high
priority as a cold hard-line analysis of business cost/benefts says it should be? IT people tend to be *really* bad at estimating actual bottom-line costs.
I can perfectly understand the cold rationalizing of ROI on issues of security expense. I am much less forgiving of companies who constantly say (and they all do) that they take great care with your data, won't share it with anyone else, implement great security, etc. Then they are owned by some stupid means such as a flawed and out of date Internet-facing webapp and proven to be liars. I wish there were far more punitive punishments for customers to pursue to help shift the ROI towards providing more security. Bob
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Fwd: Rate Stratfor's Incident Response, (continued)
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Shyaam Sundhar (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Laurelai (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Ferenc Kovacs (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Shyaam Sundhar (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Jeffrey Walton (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Ferenc Kovacs (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Bob Dobbs (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Paul Schmehl (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response gold flake (Jan 09)
- Message not available
- Message not available
- Re: Fwd: Rate Stratfor's Incident Response Ian Hayes (Jan 08)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 07)
- Re: Fwd: Rate Stratfor's Incident Response Dave (Jan 08)
- Re: Fwd: Rate Stratfor's Incident Response J. von Balzac (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Valdis . Kletnieks (Jan 09)
- Re: Fwd: Rate Stratfor's Incident Response Ferenc Kovacs (Jan 10)
- Re: Fwd: Rate Stratfor's Incident Response Jeffrey Walton (Jan 10)