QOTD - Ranum on The Anatomy of Security Disasters

Marcus Ranum, CTO of Tenable Security writing (and speaking) about security disasters:
If we are fixing things only in response to failure, we can look forward to an unending litany of failures, whereas if we are improving things in advance of problems, we are building an infrastructure that is designed to last beyond our immediate needs.
Marcus goes on to say that while senior security staff tries to inform management of the security risks associated with various business ideas,
the result has less to do with security and more to do with whose meeting-organizational skills are superior, or who’s better at explaining their viewpoint. I’ve seen major security-critical business decisions get made based on whose golf buddy runs what business unit...
Read it today, before your next security incident, or more likely, before your next meeting with management.

Src: Ranum's Rants - The Anatomy of Security Disasters | Tenable Network Security Blog

No comments: