July « 2016 « The InfoSec Blog

In theory, consumers and businesses could punish Symantec for these
oversights by contracting with other security vendors. In practice, there’s
no guarantee that products from other vendors are well-secured, either
— and there is no clearway to determine how secure a given security
product actually is.

Too many firms take an "appliance" or "product" (aka 'technology") approach to security. There's a saying that's been attributed to many security specialists over the years but is quite true:

If you think technology can solve your security problems,
then you don't understand the problems and you don't
understand the technology.

Its still true today.

Tagged as: Bruce Schneier, Information security, infosec, ISO/IEC 27000, ISO/IEC 27001, ISO/IEC 31000, Marcus Ranum, Risk Management, Security Continue reading

Availability

I am currently available to offer InfoSec & GRC audit and consulting services through my company - System Integrity

M	T	W	T	F	S	S
« Jun				Sep »
				1	2	3
4	5	6	7	8	9	10
11	12	13	14	15	16	17
18	19	20	21	22	23	24
25	26	27	28	29	30	31

Nobody wants to pay for security, including security companies

Posted by Anton Aylward

Availability

Popular Pages

Categories

Archives

Calendar of Posts

Meta

Security Links