Yes you are correct, it is one of life's lessons, but it should not be on
the behalf of the customer. The customers are what drive this industry to
help them they reach and say "We need some help" do you have a service
offering or service line that can address our needs. Corporations similiar
to the Big N-1 state "Sure we do" and send a bunch of people to try to see
if they can help them. Does this mean they are qualified to do the work,
maybe or maybe not, but they addressed the concerns of the customer. Has
it improved the quality of security auditing. Big NO
Different issues have been discussed on this mailing list, not only
technical issues, and people skill issues, or a combination of both. Some
issues are addressed more in depth due to their complexity.
Security auditing is more than just the technology but also the how to look
around the technology and make people aware of the flaws in it it
At 10:13 AM 2/20/98 -0500, Roger Books wrote:
>I know what I am about to say is going to be horribly unpopular, however,
>it is one of lifes lessons.
>If everyone else has a problem, you are looking in the wrong place.