Firewall Wizards mailing list archives
Re: PCI DSS & Firewalls
From: "Marcus J. Ranum" <mjr () ranum com>
Date: Fri, 03 Apr 2009 08:06:53 -0500
Chris Blask wrote:
We have to keep in mind that we aren't just talking about securing networks where they have a Paul Analog (PA) on staff. Even where they do have a PA on staff, most often he is banging his head against a brick wall of corporate resource management. A good PA (or a good PCI consultant, QSA, whathaveyou) seizes on the opportunity to leverage the attention of the Great Purse Holders and have them pour some cash on worthy efforts that make the network more secure than it was previously.
And elsewhere:> It's not our jobs to cure stupid, it's to make systems more secure, > > whatever the situation on the ground happens to be.
Chris - you're better than this. Stop being an apologist for mediocrity. All of us understand that you can do a half-assed job, or that you can throw up your hands and say "things suck but I'll do the best that I can in the circumstances." We all know that. But please don't adopt defeatism as policy. mjr. -- Marcus J. Ranum CSO, Tenable Network Security, Inc. http://www.tenablesecurity.com _______________________________________________ firewall-wizards mailing list firewall-wizards () listserv icsalabs com https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: PCI DSS & Firewalls, (continued)
- Re: PCI DSS & Firewalls Marcus J. Ranum (Apr 02)
- Re: PCI DSS & Firewalls Marcus J. Ranum (Apr 02)
- Re: PCI DSS & Firewalls R. DuFresne (Apr 02)
- Re: PCI DSS & Firewalls Potter, Albert (Al) (Apr 02)
- Re: PCI DSS & Firewalls Paul D. Robertson (Apr 02)
- Re: PCI DSS & Firewalls lordchariot (Apr 02)
- Re: PCI DSS & Firewalls Jim Seymour (Apr 03)
- Re: PCI DSS & Firewalls Chris Blask (Apr 02)
- Re: PCI DSS & Firewalls Paul D. Robertson (Apr 02)
- Re: PCI DSS & Firewalls Dotzero (Apr 03)
- Re: PCI DSS & Firewalls Paul D. Robertson (Apr 02)
- Re: PCI DSS & Firewalls Marcus J. Ranum (Apr 03)
- Re: PCI DSS & Firewalls Chris Blask (Apr 03)
- Re: PCI DSS & Firewalls Bill McGee (Apr 03)
- Re: PCI DSS & Firewalls Marcus J. Ranum (Apr 03)
- Re: PCI DSS & Firewalls Chris Blask (Apr 05)
- Re: PCI DSS & Firewalls Jim Seymour (Apr 06)
- Re: PCI DSS & Firewalls Chris Blask (Apr 06)