2 comments

[ 93.2 ms ] story [ 81.4 ms ] thread
> Implement a "one strike and you are out" hiring policy for information security employees. When they fail, do not let it happen twice.

Also, never hire an information security employee who has ever worked for a firm that has had a security incident. Their "industry best practices" did not work for the previous employer, why would they work better for the next victim? These former employees bring disaster.

Pardon the language, but what a load of crap that attitude is. I wonder if the author is giving up is job if one of their students is involved in a company that gets hacked, because clearly they failed to teach them properly and brings disaster?