Firewall Wizards mailing list archives

Re: PCI DSS & Firewalls


From: "Marcus J. Ranum" <mjr () ranum com>
Date: Fri, 03 Apr 2009 08:06:53 -0500

Chris Blask wrote:
> We have to keep in mind that we aren't just talking about securing networks
> where they have a Paul Analog (PA) on staff.  Even where they do have a PA on staff,
> most often he is banging his head against a brick wall of corporate resource management.
> A good PA (or a good PCI consultant, QSA, whathaveyou) seizes on the opportunity to
> leverage the attention of the Great Purse Holders and have them pour some cash on
> worthy efforts that make the network more secure than it was previously.

And elsewhere:
> It's not our jobs to cure stupid, it's to make systems more secure,
> whatever the situation on the ground happens to be.


Chris - you're better than this. Stop being an apologist for
mediocrity.

All of us understand that you can do a half-assed job, or that
you can throw up your hands and say "things suck but I'll do the
best that I can in the circumstances."  We all know that. But
please don't adopt defeatism as policy.

mjr.
--
Marcus J. Ranum         CSO, Tenable Network Security, Inc.
                        http://www.tenablesecurity.com
_______________________________________________
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

