RE: Scare Me !!

andrew.c.howardexxon.com
Fri, 11 Jun 1999 13:16:57 -0500

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Sloan, Scott: "Virus Scanning"
• Previous message: chuck: "IMAP who provides CERT support (was Re: IMAP- how to protect a server?)"
• In reply to: Ge' Weijers: "Re: IMAP- how to protect a server?"
• Next in thread: Lance Spitzner: "Re: Scare Me !!"

I am sure the list will be forthcoming soon enough, but I recommend that, instead of targeting one after another of exec, tech, etc, you target the top decision maker. That is, the executive sponsor of the company security policy. It sounds like you don't have a policy. If you don't have a policy, then maybe a risk assessment hasn't been done.

Until management understands or at least sees how and by how much the bottom line can be affected (results of a risk assessment), then they won't see a need for a policy (a map of the controls for the risks). Without a policy (the rules and consequences), then "enforcement" is a moot issue. Good luck. It can be a tough battle!!!!
---------Andy Howard :-)
* andrew.c.howardexxon.com <mailto:andrew.c.howardexxon.com>

        -----Original Message-----
        From: Ken Hardy [SMTP:kenbridge.com]
        Sent: Thursday, June 10, 1999 12:01 PM
        To: firewall-wizardsnfr.net
        Subject: Scare Me !!

        I need to induce a healthy respect for Internet dangers into
        some folks around here. I know the dangers, or enough of them,
        but it's wearing to try to educate one after another exec,
        network tech, etc.
        

• Next message: Sloan, Scott: "Virus Scanning"
• Previous message: chuck: "IMAP who provides CERT support (was Re: IMAP- how to protect a server?)"
• In reply to: Ge' Weijers: "Re: IMAP- how to protect a server?"
• Next in thread: Lance Spitzner: "Re: Scare Me !!"

This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:19:00 CDT