On Thu, Sep 8, 2011 at 4:01 PM, <[email protected]> wrote: > On Thu, 08 Sep 2011 01:40:23 EDT, Jeffrey Walton said: >> Philip Reitinger, former director of the United States National >> Cyber-Security Center, a division of the Department of Homeland >> Security, will be joining Sony as a chief information security >> officer, Sony said Sept. 6. > > Horses and barn doors... > >> Security experts and industry watchers criticized Sony for not having >> had a CISO prior to the breaches. "How can a worldwide company with >> billions in revenue and an even larger market cap not have a CISO? It >> boggles the mind," Phil Blank, an analyst in the security, risk and >> fraud practice area at Javelin Strategy & Research, wrote on the >> market research firm's blog in May. > > "If you spend more on coffee than you spend on IT security, then you will > be hacked. What's more, you deserve to be hacked." -- Richard Clarke > > Anybody want to guess what Sony's coffee/itsec ratio was? Its amazing a company with chronic security problems was able to operate without a CISO for so long (cf, http://attrition.org/security/rants/sony_aka_sownage.html).
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
