It works wonderfully if you're a bad guy.
Allan Paller
bad works guy
We can't protect these systems. The skill level of most Windows users is novice at best, and the basic design of Windows and Macintosh systems isn't geared to security.
design security skill macintosh systems protect windows
It seems to me the idea of competing for resources with audit is the shortest path to going away. If you partner with them and share the load and treat audit with due deference, you have a shot. As long as you compete, it won't work.
idea work share path shot
The ISO is going to the CEO saying there's a chance something bad, and possibly something embarrassing, could happen. But how much of a chance, the ISO doesn't know. And if he spends this kind of money, he can reduce the risk but by how much, he doesn't know. It's simply not enough data. Every other C-level executive does better than that and takes on the responsibility for defining the risk. Here, the CISO is putting the responsibility on the CEO. They don't want it, and eventually they won't take it.
chance money data kind responsibility risk bad
You must log in to post a comment.
There are no comments yet.