Eureka! I’ve got the answer.

January 12, 2011


Somehow I found the fine article How Security Tech Is Failing Us. After my stream-of-consciousness commenting (sorry about the double commenting BTW - darn login process), I think I found the solution to many IT security problems.

Here's my comment in full:

Lack of a silver tech bullet is interesting. However the larger issue is the overall lack of maturity across security services. The only folks worthy of pointing fingers at the tech vendors are those with at least a measured level of security maturity across the stack. Sure, custom malware exists. What are the attack vectors: unpatched software, misconfigured devices, basic coding errors, ignored databases, users not held accountable for their actions. Quick litmus test: how many orgs have a solid CMDB?

Calling out tech to save the day perpetuates the problem.


If you really want to call vendors out, demand they ensure their tech is implemented properly before they get paid. That might be interesting.

Any CISOs out there want to give it a shot?
