Firewalls: RE: Security Auditor versus Security Auditor

Firewalls
(February 1998)

Indexed By Thread: [Previous] [Next]

Subject:	RE: Security Auditor versus Security Auditor
From:	Anton J Aylward <anton @ the-wire . com>
Date:	Tue, 17 Feb 1998 22:28:20 -0500
To:	rdew @ el . nec . com (Bob De Witt), firewalls @ GreatCircle . COM, lists @ bwa . net

At 05:22 PM 17/02/98 -0800, Bob De Witt wrote:
## Reply Start ##
>
>Bret Watson <lists @
 bwa .
 net> wrote on Tue, 17 Feb 1998:
>> ...
>> In reality security is always a people problem...
>> 
>
>I don't know about "your" systems, but I figure it's about 60% social,
>25% political, and 15% Technological.  Actually, I'm not at all sure
>the technological is that strong.

I agree; rating technology at 15% does seem optimistic.
I usually tell clients "its the 80/20 rule", because the
phrase has a familiar ring to it.  But isn't that just 
another example of it being a people problem?

/anton

## Reply End ##

Indexed By Date	Previous:	Re: Use the CISSP, Luke (was Re: Certifiying Security Auditors) From: "Paul D. Robertson" <proberts @ clark . net>
Indexed By Date	Next:	Re: Look to the CISSP (was RE: Certifiying Security Auditors) From: Bret Watson <lists @ bwa . net>
Indexed By Thread	Previous:	RE: Security Auditor versus Security Auditor From: rdew @ el . nec . com (Bob De Witt)
Indexed By Thread	Next:	Use the CISSP, Luke (was Re: Certifiying Security Auditors) From: Anton J Aylward <anton @ the-wire . com>