Ethics and passwords

Jennifer Davis iennae at gmail.com
Fri Aug 29 14:50:26 PDT 2008


 I think we should call out this company for an accounting of what
their survey really consisted of statistically:
http://www.cyber-ark.com/news-events/pr_20080827.asp  They note that
"Note: This survey was conducted at Infosecurity 2008- Europe's
largest IT security event".

Looking at the event's information
(http://www.infosec.co.uk/page.cfm/link=13/GoSection=4):
    * 12,176 visitors in 2008
    * UK Visitors - 11,124
    * Overseas Visitors - 1,052
    * Cross over Visitors* - 1,713
    * Press - 283
    * 1212 visitors returned on Day 2 from Day 1, and 976 returned on
      Day 3 from Day 2
(total visitors really is 10463)
16% Director Level and Above (1674)
18% IS/IT Management (1883)
11% General Management (1150)
18% Technical Specialists (1883)
2%   Industry Analysts/Press (209)
13% Consultant (1360)
4%   Other (418)
18% Service Desk and IT Support Show Audience/Unspecified (1883)
(my numbers in () and just a guesstimate from above numbers and percentages)

It seriously puts down the profession as _being_ professional and
makes us sound like we are mostly criminals.   It isn't surprising
that the company is associated with "managing" highly sensitive
information.  I wonder what product they are trying to sell to help
companies deal with this.

Friends have told me in the past, "Companies lie, don't get worked up
about it.  It's all part of their strategy."  I think it's crap.  I
don't want to do business with companies that lie.  This kind of lie
is against the _profession_ and the people who practice that
profession.

Maybe USENIX/SAGE or LOPSA could put together a statistically
significant survey on this subject.

-- 
Jennifer Davis


