Re: Gartner's Security 3.0

Dear Jay,

On 10/17/07, Jay D. Dyson <jdyson@treachery.net> wrote:
>         That's certainly in keeping with the way industry treats security:
> it's consistently regarded as an afterthought.

Didn't get your point here; see, they are obviously suggesting prevention.

>  And let's face
> it: users may say they want security, but they never want it when it costs
> them their precious convenience.

Indeed.

> > The thing is: how are you, as a pentester, feeling such, concerning your
> > incomes?
>
>         To be honest, I'm not very concerned.  I wear a lot of hats across
> the IT sector, so I've always got work.  But when (not if) the next system
> gets cratered because of lousy security, I'll be more than happy to do the
> work, earn the large sums, and consider the cashing of the customer's
> checks as my way of saying, "See, I told you so."

Oh, very professional.


Yours faithfully,


-- 
Marcio Barbado, Jr.
==============
==============

"In fact, companies that innovate on top of open standards are
advantaged because resources are freed up for higher-value work and
because market opportunities expand as the standards proliferate."
Scott Handy
Vice President Worldwide Linux and Open Source, IBM

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------