Re: Article: "Security Absurdity: The Complete, Unquestionable, And Total Failure of Information Security."

"hear, hear!"

"The goal of your security program is to optimize risk, never minimize
it. This is an extremely important distinction. It also sounds
counterintuitive to many people" From Ira Winkler's book titles Spies
Among Us.

The whole book is an excellent read. But I would highly recommend
reading the pages 35 through 50, for a understanding of the topic of
security. People write about security without  really understanding
the nature of the beast.

Or even better, have a 1-one-1 session with Mr. Winkler on how you can
minimize security related risk at your organization.


On 5/22/06, Robinson, Sonja <Sonja.Robinson@fticonsulting.com> wrote:
> I had this debate on a different forum last week. I found the article
> annoying and misleading in many instances (typos aside).  It just
> rehashed the same things and didn't provide solutions but just blamed me
> for the ills of society (like I need more).  I try to beat my users


--
Saqib Ali, CISSP, ISSAP
Support http://www.capital-punishment.net
-----------
"I fear, if I rebel against my Lord, the retribution of an Awful Day
(The Day of Resurrection)" Al-Quran 6:15
-----------