Home Forums SQLServerCentral.com Editorials We Don't Care about Data and IT Security RE: We Don't Care about Data and IT Security

  • August 12, 2014 at 7:09 am

    #1737202

    John Hanrahan (8/11/2014)

    That sounds like Auditors who know their stuff. I have been through audit after audit the last few years and have found from an IT perspective the auditors don't come close to understanding IT security or even the issues. It is disturbing to have them come in and audit our IT when it is clear they really only understand accounting. I figure if they aren't reading Brian Krebs on a regular basis they aren't up to speed (that isn't a guarantee though of course).

    That crew probably bill themselves as penetration testers. That's to distinguish from the auditors who are pretty much all paper with respect to controls.

    K. Brian Kelley
    @kbriankelley