On Thu, 13 May 2004 11:32:17 PDT, Micah McNelly <[EMAIL PROTECTED]> said: > I wonder if people forget the liability that any organization inherits if > they do NOT maintain a above standard protection scheme for their > network/hosts.
One of the problems there is the lack of a widely accepted "minimum due care" best practices document for you to be above. The Center for Internet Security (http://www.cisecurity.org) has been trying to address that, and slowly making some progress and buy-in. (ObFullDisclosure: I'm biased, I helped develop the Solaris and Linux ones....)
pgp00000.pgp
Description: PGP signature
