CERT statement
Ian Farquhar
ianf at sydney.sgi.com
Sun Jan 29 16:03:30 PST 1995
On Jan 26, 4:42pm, Marc Horowitz wrote:
> You're exactly right. However, getting people to deploy real security
> systems is nearly impossible. My company sells a kerberos system, and
> although everyone is saying they want security, nobody really
> understands what this means, and as soon as we tell them that it
> actually involves effort, they become far less interested.
To a former employer of mine, security meant using the word "security"
in as many reports as they could. The management never committed
resources to it, and didn't seem to have a grasp of even the most
basic concepts of it, but as long as they said "security" lots of
times, they felt that they had it.
Unfortunately, this seems to be a fairly typical state of affairs
in many organisations.
Ian.
More information about the cypherpunks-legacy
mailing list