[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-disclosure] Need some advice for a new customer
- To: "Peter Besenbruch" <prb@xxxxxxxx>
- Subject: RE: [Full-disclosure] Need some advice for a new customer
- From: "Handy, Mark \(IT\)" <Mark.Handy@xxxxxxxxxxxxxxxxx>
- Date: Thu, 16 Feb 2006 21:43:45 -0500
Agree completely.
Mark Handy
STAR (Security Threat Assessment and Response)
-----Original Message-----
From: full-disclosure-bounces@xxxxxxxxxxxxxxxxx
[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxxx] On Behalf Of Peter
Besenbruch
Sent: 13 February 2006 11:19
Cc: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Need some advice for a new customer
> Here's the question:
>
> Should the company notify their customers of a POSSIBLE compromise of
> their data? I have been trying to convince them that they should
> operate as though the data is compromised. Is that the right position
> to take as a security consultant?
What would be the consequence to their business be if the news of
compromise came from a third party, and not the business itself? They
need to get out front on this.
--
Hawaiian Astronomical Society: http://www.hawastsoc.org HAS Deepsky
Atlas: http://www.hawastsoc.org/deepsky
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
--------------------------------------------------------
NOTICE: If received in error, please destroy and notify sender. Sender does
not waive confidentiality or privilege, and use is prohibited.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/