My mate from the far northern burrows, wrote about the over exaggeration of statistics in a security context. I have long believed that IT security types have lost their marbles, and are absolutely besotted with the fake world of statistics and forsake reality. This realization dawned on me after the following episode:The Chief Lost Marble Person (CLMP) in charge of Information Security commissioned the regular scanning of the network with Nessus. This report had an extremely long list of vulnerable workstations. I spoke to our AD admin who created a GPO to enable the desktop firewall on all our workstations.
The list of vulnerable workstations dropped by 80% on the next report. The CLMP instead of being pleased, said we had buggered up his stats and we had to disable the firewalls. Somehow in his head a disabled firewall and statistics was more secure?
0 comments:
Post a Comment