begin quoting Tracy R Reed as of Fri, Nov 30, 2007 at 09:59:27AM -0800: > Andrew Lentvorski wrote: > >Tracy R Reed wrote: > >>If it were that common I think I would have heard about it. How are > >>the people who do these studies hearing about it? > > I mean I would have heard about it in my own companies. >From hearing about some of your experiences, I'd say you've heard about lots of inside jobs, but they were all done by owners and management. :)
> >And these are just the big ones. > > A couple big headlines doesn't mean it happens often. Schneier says that > if it appears in the news it is exceptional and sensational that we > should not consider it such a big threat. I know that this is a general > rule of thumb but so far I have seen more viruses, trojans, botnets, > fishing sites, and similar security issues than the statistically > infamous "inside job". Yah, but how many trojans drain the corporate savings account by sending it to Nigeria? But you have a good point -- how do they know when there's no information? I /thought/ the data was gathered by anonymous survey of IT managers. Or so I have an impression of recalling something I've read. (Can't place *actually* reading this, so it's completely unfounded.) But that data also might also be out of date -- we're not connecting to the corporate mainframe via a dial-up line anymore, f'rinstance. -- Would punching a hole thru the corporate firewall for VOIP be an inside job? Stewart Stremler -- [email protected] http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
