You are about to join the
Discussion : Kevin Mitnick and the art of intrusion - Part 1
Discussion is closed !Total 2 comments
2005-11-22 12:16:48 - Former govermental security crime fighter
Kevin is right in assessing that many businesses do not want to make a committed effort at doing a proper job of putting security measures into place effectively and immediately. They like to say that they have an office that handles these operations when in reality there is no upper management sponsorship of creating a working budget that includes higher professional wages to allow those with the talent to do these tasks, nor is there usually enough budget to pay for the on-going training needed, or proper staffing to do a proper job overall.
I find Kevin actually providing the real problem, that
those who are in authority do not truly care of what is at stake because they feel they have no punishment that otherwise would compel them to think fairly of what an effort it takes to protect the company assets. If those in power had to pay the costs for not making and implementing the correct decisions through, as what stated earlier, proper budgeting, recruiting the talent needed with the right perks to get the job done. By taking shortcuts and just pretending to meet regulatory requirements when audited is not going to prevent intrusion and theft, it will just be a matter of time
and mostly embarassment to cover up the inadequacies of what was considered a bump on the road to real business conduct. As Kevin stated, there is not enough shame to make these guys susceptible to the same technique that he demonstrated the previous year and advised them to fix. A company likes to hire a uniformed officer
for physical protection, but you cannot put looks into protecting a real computer system. It just doesn't work that way.
2005-09-02 08:38:32 -
Good blog
Total 2 comments
