On Thu, 20 Jun 1996 my mailer thinks Bill Stout said:
>At 05:15 PM 6/20/96 -0400, Frank Willoughby wrote:
>>Actually, this is no longer the case. According to the 1996 CSI/FBI
>>survey, most of the security incidents are commited by external entities,
>>not internal ones. If memory serves, it used to be @80% of the incidents
>>were internal. Now @60% are external.
>Do you have corroborating links on this?
Try www.gocsi.com/csi for the study...keep in mind that it was *not*
administered under controlled conditions, and may be statistically invalid.
Also, on 6/20, Brad Walker may have written:
>> From frankw @
net Thu Jun 20 15:36:24 1996
>> Date: Thu, 20 Jun 96 17:05:31 -0400
>> To: firewalls @
>> From: Frank Willoughby <frankw @
>> Subject: Re: Pilot Network Services
>> Those in sensitive gov't agencies generally won't be fooled so easily.
>This is completely wrong. I have a close personal friend who works
>for the CIA and she lied on her polygraph. The tester accepted
>her answer as factual. The polygraph is a poor test of a person's
>truthfulness and honesty. Hence the reason it's inadmissible as
>evidence in a court of law.
Leaving aside the implied question of ethics in Brad's example, there are many
who can "beat" a polygraph, particularly those with certain psychological
disorders; such as pathological liars. However, the results of a polygraph
test *are* admissable in court in most U.S. venues, but only with the agreement
of both the prosecution and defense.
Warren S. Moore, CISSP
Information Security Specialist
Cincinnati Bell Information Systems Inc.