1) He can (and has explained Syn Flood attacks, as well as a number of other attacks). 2)Microsoft business units execs REFUSED to implement better security measures that he and his team recommended (to the IT organizations) they fell victim to a hack attack. Since security officers rarely have the authority to FORCE security changes against the business units VPs who gets the blame. 3) The 2nd part of his speech calling for BETTER Quality control, better security organizations as well as looking to prevent the event from ever taking place was not reported. 4) If you have a better way of fixing cyber security why don't you call him and tell the government how to fix years of neglect, legacy systems that never should be connected to the internet and instead of slamming someone that is trying to get better security.
5) He said in the beginning of his speech that the "memo" he read was written by Richard Clarke in an internal email and he also read how things could be improved.
6) He was not out raising money, but trying to raise awareness of what COULD happen if people do not pay attention to security, I KNOW I have been there during a couple of his speeches and used to work with people that worked with him.



[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/97/15815#15815