Slashdot Mirror


What Should We Do About Security Ethics?

An anonymous reader writes "I am a senior security xxx in a Fortune 300 company and I am very frustrated at what I see. I see our customers turn a blind eye to blatant security issues, in the name of the application or business requirements. I see our own senior officers reduce the risk ratings of internal findings, and even strong-arm 3rd party auditors/testers to reduce their risk ratings on the threat of losing our business. It's truly sad that the fear of losing our jobs and the necessity of supporting our families comes first before the security of highly confidential information. All so executives can look good and make their bonuses? How should people start blowing the whistle on companies like this?"

3 of 244 comments (clear)

  1. What Should We Do About Security Ethics? by doti · · Score: 4, Funny

    Ignore it?

    --
    factor 966971: 966971
  2. Re:Gee, I dunno by Anonymous Coward · · Score: 3, Funny

    how about you gather some evidence and publish it?

    Of course, you'll lose your job over it. So decide now. Do you want to sleep at night? Or do you want to feed your family? That is one end of the spectrum. Another is to gather some evidence in order to ensure job security and hefty pay raises!
  3. Re:Ethics? Where? On Slashdot? by eln · · Score: 3, Funny

    Because of my personal beliefs which stem from an often insulted and bashed faith, constantly mocked here on Slashdot, I do not sell the information I am privy to. I have a very strong sense of ethics too, and don't sell the information I'm privy to either. Since you say these beliefs stem from your faith, then we must be of the same faith. Always nice to meet a fellow atheist.