On Sun, Jan 8, 2012 at 12:03 AM, Laurelai <[email protected]> wrote:
> On 1/7/12 3:50 PM, [email protected] wrote: > > On Sat, 07 Jan 2012 16:25:35 EST, Shyaam Sundhar said: > > > Although, once they have gained popularity and to a stage where a garage > office becomes a shop floor and a @home biz becomes a rent-a-million$-building > office, it is time to shift priorities. > > If finding people who are competent enough to secure a payroll system for a > company of 10 people is difficult, what makes you think that it's easy to find > people who can secure the systems for a company of 1,000? > > As Stratfor has demonstrated, the talent pool of *really* competent security > people is shallow enough that there's not even enough to secure the security > companies. And it's not just Stratfor - when was the last time this list went > a > week without mocking a security company for its lack of clue? It's an > industry-wide > problem - there's a *severe* shortage of experts. > > And even though schools like DeVry and ITT are churning out lots of people > with > entry level certifications, I'm not at all sure that helps the situation - we > end up with a lot of people who are entry level, and don't realize how much > they don't know. That makes them almost more dangerous than not having anybody > at all. Sort of like if you walk alone through a scary part of town, you > actually stand a good chance because you *know* you're alone and will act > accordingly - but if you have a bodyguard with you, you're likely to act > differently, and end up totally screwed when you find out said bodyguard has a > belt in martial arts, but zero experience in street fighting... > > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > > Perhaps these companies should try to hire the kids owning them instead > of crying to the feds. > why do you think that kiddies using tools like sqlmap would be able to defend them from other kids? -- Ferenc Kovács @Tyr43l - http://tyrael.hu
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
