[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CERT statement



On Jan 26,  4:42pm, Marc Horowitz wrote:
> You're exactly right.  However, getting people to deploy real security
> systems is nearly impossible.  My company sells a kerberos system, and
> although everyone is saying they want security, nobody really
> understands what this means, and as soon as we tell them that it
> actually involves effort, they become far less interested.

To a former employer of mine, security meant using the word "security"
in as many reports as they could.  The management never committed
resources to it, and didn't seem to have a grasp of even the most
basic concepts of it, but as long as they said "security" lots of
times, they felt that they had it.

Unfortunately, this seems to be a fairly typical state of affairs
in many organisations.

						Ian.