Riffing off of a tweet from Francine McKenna (@retheauditors ) some time last month, we decided to pull together as much of the publicly available settlement info on the Big 4 for the past 5 or so years that we could find. With the financial crisis still top of mind for many folks, we thought it might be interesting to see what (if any) settlements are driving out of the whole mess and thought that some background info will help set the context.
Trust is the Coin of the Realm in Security
Alan over at StillSecure dropped this little nugget out this morning, and quite frankly it just rubbed me the wrong way. You see, despite his conversations with a number of his customers, he still failed to see the obivious. That being, the fact he was able to have conversation with his customers at all. You see, each and every person in a product company has to earn the right to to talk to the buyer. I spent years of my career buying products for various programs I was respoonsible for, and the sales people that got a chance to pitch me had all done something different. They had engaged me as person, a practiioner, and as a businessman. Before the talk ever turned to product, they invested the time in learning about me, my organization, my infrastructure, my regulatory environment, and my business.
Event vs. State Driven Security
Why is it that the majority of attention in the security market has been focused around event data? Isn’t it better to know where you stand before the bad thing happens? If memory serves me correctly, this was the entire point behind vulnerability management (and to a lesser degree, patch management).
The Impact of Culture on Risk Perception
Having just concluded our first quarter Clinic series on Risk Management, some very interesting things emerged. Though we are still putting the finishing touches on our Summary of Findings, I thought I would take a moment to share one of the more interesting insights.
As practitioners, we all know that culture and the other facets of our lives that comprise our worldview have an impact on how we perceive and respond to risk. What was interesting to note from our Clinic series was how detailed the manifestations of this impact were.
© 2008 Brightfly, Inc.
Powered by You, the Community.