I cannot keep track of the number of times I have been with customers who discuss their network and its security only to hear the following:
“We are a <Non-IT business> and there is nothing on our network that a hacker would want. Why should we be worried about making sure our network is secure?”
Wow! What a statement. It astounds me every time I hear it. There are many ways to reply to such a statement—some of which are politically correct, and some of which are not. Usually the person making this statement is a customer, so the focus here should be on the politically correct response.
This statement epitomizes an attitude known as Security Through Obscurity. In this book, you will see that when it comes to security, relying ...