QOTD on Security

Whenever information security is mentioned within most organisations there is a collective groan; the board don’t want to engage, staff don’t want to be encumbered and the IT department sometimes lack the guidance to implement anything effective.
[...]
To be attractive, security needs to be cheap to implement, validate, verify and maintain. But cheap must never mean sub-standard and this is the point at which the balance must be struck. -- Martyn Smith
Security On A Shoestring | Business Computing World

No comments: