Slashdot Mirror


User: Jansingal

Jansingal's activity in the archive.

Stories: 0
Comments: 345

Comments · 345

  1. Re:Not an Objective Review on Stepping Through the InfoSec Program · · Score: 1

    dude, not exactly a smoking gun......

    presentation was in 2004 and book is written in 2008.

  2. Re:Twelve step program? on Stepping Through the InfoSec Program · · Score: 1

    >>>ISC)2 which happened to pick a name for maximum confusion with legitimate groups

    What is the confusion with a legitimate group?

  3. Re:Twelve step program? on Stepping Through the InfoSec Program · · Score: 1

    you mean an MSSP :)

  4. Re:Did we go back in time? on Stepping Through the InfoSec Program · · Score: 1

    as to the 80's, I heard they were going to use Pat Benatar on the cover but could not get the rights :)

  5. Re:frsit spsot on Stepping Through the InfoSec Program · · Score: 1

    alas, the 7 seas are a verity of the past, mythology, there are certainly more than 7 seas now.

  6. Re:What I want to know on Stepping Through the InfoSec Program · · Score: 1

    >>What I want to know is, how can I make my senior management care?

    I take back my comment.

    run a pen test and they will get it.

    a good pen test team has at least a 95% success rate.
    A really good pen test team has a 99% success rate.

    Hack em and then scare them and then you got them!

  7. Re:What I want to know on Stepping Through the InfoSec Program · · Score: 1

    >>>>What I want to know is, how can I make my senior management care?

    Absolutely zero you can do.

    either they get it and take action on it, or else they are clueless.

    don't try to have them get security, if they don't get it, they won't.

  8. Re:the problem with books on this topic on Stepping Through the InfoSec Program · · Score: 1

    published in 1990. Way before slashdot

  9. Re:Current? on Stepping Through the InfoSec Program · · Score: 1

    didn't someone say above that this is NOT that type of book.

  10. Re:Dupe on Stepping Through the InfoSec Program · · Score: 1

    dude - different book

  11. Re:the problem with books on this topic on Stepping Through the InfoSec Program · · Score: 1

    Well, if the book is about Windows XP, then yes. but core concepts of security, CIA triad, etc., they are timeless. Well, not timeless, but you know what I mean. First Ed. of 'Security Engineering' by Ross Anderson is 8 years old. my guess is that at least 90% of it is still 100% relevant.

  12. Re:A bit dated on Virtual Honeypots · · Score: 1

    please, please please...

    Tell me one thing in the book that is dated.

  13. Re:OMG on Virtual Honeypots · · Score: 1

    so what's your point?

    not everyone is as smart as you, and well,
    some people need a book like this.

    if you don't like it, don't buy it.
    better.... write something WE can use.

  14. Re:Not new on Virtual Honeypots · · Score: 1

    yes, but the old threats are still used today.

  15. Re:Business types who refuse to listen to techies. on The Pragmatic CSO · · Score: 1

    >>I'd be most interested in some examples of this 'disconnect' you talk about - how it is not tolerated in other industries.

    Read some issues of HBR. Articles where the connect is best between the tech and biz people, profits are also better. /jay

  16. Re:Business types who refuse to listen to techies. on The Pragmatic CSO · · Score: 1

    ok, so it's not a perfect analogy, that does not map perfectly.

    but.... in IT, there is way too far of a disconnect. you don't have such disconnect
    in other industries.

  17. Re:Business types who refuse to listen to techies. on The Pragmatic CSO · · Score: 1

    >>Executive management (except CIO/CSO obviously) shouldn't need to understand anything about the technical details.

    Bull!! Imagine saying the head of a hospital shouldn't need to understand anything about the technical details. We would not tolerate this in any other industry, why IT????

  18. Re:Business value and risk on The Pragmatic CSO · · Score: 1

    Exactly!

    my guess is that there are maybe 5 security pros in the US who know how to deal with ROSI.

    All others make up their own data as they go along.

  19. Re:Meh. on The Pragmatic CSO · · Score: 1

    so be a man and tell me what it stands for.

  20. Re:So who was the more pragmatic CSO?... on The Pragmatic CSO · · Score: 1

    17799 is soooooooooo important.
    but way toooooo few people know about it.

  21. Re:Meh. on The Pragmatic CSO · · Score: 1

    no idea at all what you mean.

    please explain.

  22. Re:So who was the more pragmatic CSO?... on The Pragmatic CSO · · Score: 1

    and that is the problem!!!

    most CIOs are completely clueless when it comes to security.

    A CIO answers a security issue like this:

    80% of the time: my sysadmin can do that
    19% of the time: my firewall admin can do that
    1% of the time: and this is the answer of the small minority of smart CIOs: I will have my security engineering team do that.

  23. Re:Am I the only one on The Pragmatic CSO · · Score: 1

    no one!!!! :) SCO is the anti-pragmatic software company.

  24. Re:I don't care details, can we be hacked or not? on The Pragmatic CSO · · Score: 2, Interesting

    every company
    every host
    every every every

    thing can be hacked!!!

    isn't that what /. is all about?

  25. Re:Meh. on The Pragmatic CSO · · Score: 1

    speaking of people who use acronyms w/o (without) defining them...

    what is TFS?