Page 2 of 2 FirstFirst 12
Results 11 to 12 of 12

Thread: Public firms forced to release security information?

  1. October 14th, 2003, 11:53 AM #11
    IKnowNot
    IKnowNot is offline
    Senior Member IKnowNot's Avatar
    Join Date
    Jan 2003
    Posts
    792
    I did not think it unreasonable at all, in fact necessary. But the way I read the article they were requiring that companies disclose compliance to some standards which were verified by an independent auditor, not specifics.

    My question is, where are the standards for government agencies who are subject to public information acts? How much further must they go in disclosing information? I really don't know. I would hope that it would not go further.

    But just a little background on why I feel this way, why the need for some disclosure.

    I find it VERY disheartening when a CIO is asked to produce a basic network diagram, and for months ( actually a year and a half ) can not! ( because it does not exist and they do not know how to create one ).

    Or how about the same CIO being asked if remote loggers were in place for the network and they had not a clue of what was being referred to !!!! Even after it was explained to them what remote loggers were they sat there with a dumbfounded glare and they still did not know! ( by their bosses )

    Or how about the fact that the the same CIO, after signing off that compliance was met on certain requirements that included filtering software, and in meetings insisted that it was in place, was confronted with the fact that it was NOT, yet insisted that was a fluke because they were upgrading the filtering software at the exact moment that a test ( actually multiple tests over a several hour period ) was conducted. ( ah, yes, he was lying! )

    Yes, it happened! And if this is an isolated incident then maybe I am wrong. But I do believe these steps are necessary, independent verification of security measures is a must.
    JMHO.
    " And maddest of all, to see life as it is and not as it should be" --Miguel Cervantes
    Reply With Quote Reply With Quote
  2. October 14th, 2003, 03:02 PM #12
    Highlander
    Highlander is offline
    Senior Member
    Join Date
    Jul 2001
    Posts
    343
    Yes... I do have security.... His name is Leo... He is an Attack Something.... You figure It out!

    Yes... I do monitor my systems and you figure out how!

    Yes... I do own a GUN!!! Yes I will use it on a "CRACKER"!

    Yes... The neighbors do not like visitors..... They shoot first... answer Questions later!!

    Nuff said on my security!!!
    Franklin Werren at www.bagpipes.net
    Yes I do play the Bagpipes!

    And learning to Play the Bugle
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules