from Hacker News

Why CEOs fail cybersecurity (hint: they aren't asking the right questions)

by bnb on 10/2/17, 8:29 PM with 5 comments

  • by sasas on 10/3/17, 12:04 AM

    Relevant to Equifax.. the article should have -

    6) Do you have a up to date list of all assets in your network/platform with assigned owners? Have the components of the assets been registered for vulnerability notifications?

    You are running blind if you don't know what's in your platform. How can you secure something if you don't know it "exists" ?

  • by Kevin_S on 10/2/17, 8:52 PM

    I've come to a point where I really think no company will ever have even competent InfoSec practices. I've worked at a fortune-100 (terrible due to scale probably), a small InfoSec consulting firm (terrible due to lack of scale and non-caring leadership as ironic as it is) and now a global firm (terrible due to scale and poor training).

    I have no idea how to solve this problem, it seems impossible.

  • by grumble on 10/3/17, 12:27 PM

    Why give hint, why not just state the fact in title grrr give me an old fashioned headline any day ;)