Paul Graydon <p...@paulgraydon.co.uk> writes:
> On 06/13/2013 01:03 PM, Brandon Allbery wrote:
> > On Thu, Jun 13, 2013 at 5:39 PM, Harvey Rothenberg <forensic2...@yahoo.com> wrote:
> > > TechTarget's WhatIs (dot) com defines a worm as a self-replicating code that does not alter files but resides in active memory and duplicates itself. It is common for worms to be noticed ONLY when their uncontrolled replication consumes system resources, slowing or halting other tasks.
> >
> > That ship has sailed. Like it or not, the average user --- and the average compliance auditor --- does not distinguish between clades of malware.
>
> I'm a slow learner at times. For years I've been arguing with our compliance auditor about various aspects, and then finding out it gets me nowhere. I still end up having to do stupid pointless checks all over the place just to meet a tick box, and I'm never going to persuade them otherwise.
>
> When we interview sysadmin candidates one thing we tend to ask is "What aspect of a sysadmin job don't you like". For me it's become PCI-DSS / Security compliance, without question. I 'waste' at the very least a day, but more typically two, researching and confirming that 99% of the vulnerabilities reported for our infrastructure are false positives, and I have to do this every 3 months or so.
>
> > Like it or lump it our job is to somehow wrangle a cohesive and complete security infrastructure that incorporates that checklist, even if all it does is marginalise the harm caused by that checklist.

I met my current boss via a similar conversation. "Is there a real issue you are worried about, or are you just trying to check off a compliance box?" Classified areas suffer the same "must get the box checked" syndrome.
_______________________________________________
Discuss mailing list
Discuss@lists.lopsa.org
https://lists.lopsa.org/cgi-bin/mailman/listinfo/discuss
This list provided by the League of Professional System Administrators
http://lopsa.org/