RE: [fw-wiz] Re: Flawed Surveys [was: VPN endpoints]

From: Christopher Hicks (chicks_at_chicks.net)
Date: 09/02/04

  • Next message: Tina Bird: "[fw-wiz] Wired article on the scientific method" 
    To: Firewall Wizards Mailing List <firewall-wizards@honor.icsalabs.com>, MHawkins@TULLIB.COM
Date: Wed, 1 Sep 2004 19:00:28 -0400 (EDT)

    On Wed, 1 Sep 2004 MHawkins@TULLIB.COM wrote:
    > In my opinion, there will come a day when a security event will be, for
    > purposes of insurance, considered to be a reportable incident.

    I agree totally. One of my hats is righting claims management software
    for folks who manage medical malpractice claims. These folks track trends
    over decades and actively work to learn from those trends to avoid future
    claims. In their world avoiding claims means killing fewer people,
    dropping fewer people off stretchers, making sure nurses can find the
    right stuff to inject into you and so on. Applying the same mentality to
    computer security would be a truly beautiful thing. If this sort of thing
    had been going on before now I strongly suspect we'd see a lot more
    firewalls properly configured and regularly monitored and a lot fewer
    Windows boxes waiting to get owned. And it may not be an ideally
    scientific survey, but it would still be rather helpful. :) 

    -- 
</chris>
There are two ways of constructing a software design. One way is to make 
it so simple that there are obviously no deficiencies. And the other way 
is to make it so complicated that there are no obvious deficiencies.
  -- C.A.R. Hoare
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Tina Bird: "[fw-wiz] Wired article on the scientific method"