Security News > 2003 > February > Re: Experts: Microsoft security gets an 'F'

Forwarded from: Mark Bernard Dear Associates, Actually this statement may not be far from the truth, however it needs to be quantified. Typically within the information security program framework we measure the success of any program by the reduction in the number of incidents of a specific targeted group. The question should be, has the number of occurrences of this particular type of incident been reduced overall? If the group making the statement has measured the success of the Microsoft's initiative against how many systems were actually infected they may be using the wrong set of quantifiable criteria, thus their statement would be unjustified. A typical program takes three years to mature and will need to be tweaked a couple times before it hit 100% of the target. I should also qualify my statement, I am in no way a Microsoft supporter. I truly believe that when a group dominates a market place such as Microsoft has, the market in question becomes unhealthy. However, that's good for information security professionals. More balance is necessary. Happy hunting! Mark. ----- Original Message ----- From: "InfoSec News" To: Sent: Monday, February 03, 2003 2:24 AM Subject: [ISN] Experts: Microsoft security gets an 'F'

News URL

http://www.cnn.com/2003/TECH/biztech/02/01/microsoft.security.reut/