Forwarded from: Gary Hinson CCCL <Gary.Hinsonat_private> I sympathise with the comments. All too often, infosec is under-resourced, meaning that the wonderful and not-so-wonderful system controls are often under-used in practice. The blame is manifold e.g. senior management often don't understand infosec and don't appreciate the risks they are running; infosec staff are not usually adept at justifying their important work in business (commercial) terms, so they lose out in funding; and infosec is 'new', newer even than IT, so standard practice has not yet developed/stabilised. A good rule-of-thumb: there should be at least as many infosec staff as security guards (with big feet and fluorescent jackets!). Any company that has seriously valuable/sensitive data clearly needs more! Gary. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Apr 18 2002 - 03:18:58 PDT