I kinda liked this one: "Testifying before the House Committee on Homeland Security, high-profile experts said [...] -Daniel Geer, principal of Geer Risk Services LLC, said Congress should invest in the development of security metrics, training of security professionals, and greater surveillance of data."
Can't agree more! A few months ago, I posted this controversial blurb about access vs access+ audit where I suggested that all access to anything should be if not audited then potentially "auditable." And now it seems like a US Congress-level issue, thanks to esteemed Dr Geer :-)
No comments:
Post a Comment