Shostack + Friends Blog Archive


Transparency: When Security Pros Get Popped

Rich Mogull over at Securosis (N.B. I’m a contributing analyst there) has a great post on how, due to human error, some of his AWS credentials got nabbed by some miscreants and abused. We here at the New School love it when folks share how they were compromised and what they did about it. It is this sort of transparency that helps us all. Kudos to Rich for being willing to share his pain for our benefit.

2 comments on "Transparency: When Security Pros Get Popped"

  • Gary Hibberd says:

    I completely agree! We need this level of transparency or the true impact of incidents and the sheer scale of them will always remain an ‘unknown’. Traditionally this has been borne out of fear but I hope the tide has turned on this and companies (and individuals) will begin to be more honest about the breaches and incidents they have learnt.

  • Andy Reed says:

    Hello David

    I’ve noticed over the years of teaching and consulting on data security that getting hard stats on security breaches is never an easy task. I think that the more businesses share this type of information the more organisations will start to get a real sense of the threats they may be unaware of, or even close their eyes to.
