My philosophy has been.
- Sleep today, wake up with headache tomorrow - If you don't patch your systems , then you have "Sword of Damocles" situation.
- If you can't patch - Then you don't have reasons , you only have excuses.
- If you disagree with above then, you better have a good plan for handling/absorbing everything that happens after a breach.
Here is a ColdFusion story:-
McLellan said the company received a visit from the FBI last year, and the agent said the group responsible for hitting Elightbulbs had compromised much more high-profile targets.
“The FBI investigator said, ‘Hey, don’t beat yourself up. We’ve got credit card processors and government institutions that run ColdFusion who were breached, this is small potatoes’,” McLellan said. “That was a small consolation.”
Ultimately, elightbulbs.com opted to remove the target from its back by outsourcing the processing of credit cards on its site to authorize.net, a third-party processing firm that specializes in securing e-commerce transactions
The links below has more information:
No comments:
Post a Comment