View Poll Results: Which search engine do you use most?
- 17. You may not vote on this poll
November 3rd, 2005, 12:08 AM
Catch is a stand up guy, and may his security business live long and prosper. He already knows how I feel through em@ils about that....... wait! I meant Electronic mail, please forgive my ignorance! Yeah, bra, you're an authority when it comes to this profession, and I'm sure your name/ co name can be heard for miles in Silicon Valley.
neel, how obtuse can you be?
Your whiny ****? Take it elsewhere.
November 3rd, 2005, 01:06 AM
no! wait! I DON'T use TFM!
In fact I don't particularly care because the trolls have obliterated any decent content within this thread no matter how hard we try to keep it alive and informative. All of you need to be bitchslapped for this distinct lack of respect for one another, and for those of us who tried in vain to keep the discussion going. You make me sick.
Even a broken watch is correct twice a day.
Which coder said that nobody could outcode Microsoft in their own OS? Write a bit and make a fortune!
November 3rd, 2005, 05:04 AM
Re: no! wait! I DON'T use TFM!
black, I'm sorry it went the way it did, then again not really. I could've defined the acronym, would it benefit someone who thinks E=mc˛ is "just a word" and not a physical equation? I didn't think so.
November 3rd, 2005, 10:16 AM
Quite right Nihil
Originally posted here by nihil
Hey guys 'n gals........................one of our own, Catch has gone out there?..............where are the congrats and good wishes? am I the only one who cares?
And which one of you shall I pick on next?
Catch, best wishes mate, and I shall have a Mass said for you................that will be three off this site this week..............at least yours is a happy one!
Best of luck Catch
November 3rd, 2005, 03:41 PM
If I help you, !mitationRust, it will be "turns" for us too. I tell you things, you tell me things. Not about this case, though. About yourself. Quid pro quo. Yes or no?
Anyway, I have watched TCSEC in action since I joined the Army in 1990 and then when I went to private industry. Think about computer systems back then and then look at the way systems have evolved today. Quit your bitching, things were much harder to deal with back then.
This single doc has been my baseline for security everywhere I've gone and while it does take considerable effort to first implement, you'll recover your costs 100 fold in a very short amount of time.
While I'm not buying into the end all be all theory, the TCSEC is an excellent foundation to hang additional layers of security on. In our case, we've modified several NIST docs and fit them to our environment. At the end of the day, we meet the business requirements and the mandated requirements our good friends on Capitol Hill have promised are on the way. As a bonus, we've nuked most HIPAA and PCI requirements just by having this structure in place from the start. Think for a second how many places are going to be completely screwed trying to radically change the way their technology model is positioned in order to meet just one of the aforementioned.
Anyway, my 2 cents.
That said, you need several things to be a success with this approach.
1) Management buy in.
2) The right security talent in multiple disciplines. (security doc writers, legal, technical, audit, etc.)
3) Enough resources to maintain and expand.
4) Zero tolerance policy with TEETH. By far, the hardest thing to aquire, especially if your security team is nested under the IT branch of the org chart.
5) A budget that grows each year. Pulling this off without bling is nearly impossible, especially when we're talking about human resources needed for this.
Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden
November 4th, 2005, 12:41 AM
Your anagrams are showing, doctor. Quid pro quo, doctor.
After reading the clockwork-orange a few times, and then converting its text to speech for the MP3 player...um.....certain acronyms get burnt into your brain. Like the abovementioned, I can see how difficult the implementation can be for the nonproficient.