[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly)
- To: Michael Scheidell <scheidell@xxxxxxxxxx>
- Subject: Re: [Full-Disclosure] Soft-Chewy insides (was: CyberInsecurity: The cost of Monopoly)
- From: George Capehart <capegeo@xxxxxxxxxxxxx>
- Date: Mon, 29 Sep 2003 10:55:40 -0400
On Monday 29 September 2003 08:23 am, Michael Scheidell wrote:
<snip>
>
> These fins and jail time will directly target the C/Board level, and
> only indirectly affect the security teams (they may lose their jobs
> when the company they work for goes bankrupt)
>
> Its only a matter of time before the lawyers finish up with big
> tobacco and move on to SARBOX/HIPAA and GLBA work.
>
> > My $0.02.
>
> I'll see you that .02/c and raise you 5 million dollars (the Maximum
> fine under SARBOX)
<cynical grin> Would that that would really help. I guess maybe in the
long run it might, but I'm not holding my breath. There's still the
small matter of connecting cause with effect and then implementing a
program that will function appropriately at all levels of the
organization. I'll bet a dozen Krispy Kremes that the response of many
Boards and C-level officers will be a knee-jerk "Off with their heads"
followed by a return to business as usual. It's a lot easier to offer
up a sacrificial lamb than it is to change corporate culture . . . But
it will certianly be interesting to follow . . . ;-)
Regards,
--
George Capehart
capegeo at opengroup dot org
PGP Key ID: 0x63F0F642 http://pgp.mit.edu
Key fingerprint: BE7A 9A4A 6A8F 363A BAC5 4866 631B B2F6 63F0 F642
"It is always possible to agglutenate multiple separate problems into a
single complex interdependent solution. In most cases this is a bad
idea. -- RFC 1925
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html