I know "Joe", and on top of Robert's recommendation, I might suggest when "bringing it up" or making it know, you send it with a digital signature for non-repudiation, but that's just me being paranoid.
And just because I'm paranoid doesn't mean they aren't after me. Best, Edward On Thu, Aug 20, 2009 at 6:44 PM, Robert Miller <[email protected]> wrote: > I completely understand your situation! > > I heard that "Joe" was working at a company were he seen many things that > fail a few different assessments and brought them to the attention of the > executive staff, then was told to either put it under the table or stop > telling us this stuff we really don't like hearing it. After pondering this > for a few hours "Joe" decided it was best to document things and try to > continue to use opportunities to bring it up in meetings. Last time I spoke > to "Joe" I was told nothing has changed and if nothing else, it has gotten > worse. > > My advice to you is to document everything and protect your backup of said > documents, because reality is that once it comes to the surface, and it > will, you will be the fall guy for the company because no executive I know > of will admit to the fault and take the blame! > > Good Luck! > > Robert > > > Robert Portvliet wrote: > > Rich Mogull had a few things to say about that yesterday (very good read) > http://securosis.com/blog > > > > On Thu, Aug 13, 2009 at 6:21 AM, Ron Gula<[email protected]> > <[email protected]> wrote: > > > All great points .... and now from a CEO who says their QSA's let them > down: > > http://www.csoonline.com/article/499527/Heartland_CEO_on_Data_Breach_QSAs_Let_Us_Down?page=1 > > Heartland CEO on Data Breach: QSAs Let Us Down > > Heartland Payment Systems Inc. CEO Robert Carr opens up about his > company's data security breach, how compliance auditors failed to flag > key attack vectors and what the big lessons are for other companies. > > ... > > -- > Ron Gula, CEO > Tenable Network Security > > > _______________________________________________ > Pauldotcom mailing > [email protected]http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > _______________________________________________ > Pauldotcom mailing > [email protected]http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com > > > > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com >
_______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
