Earlier today, I tweeted the following and was commented on by Dan Kaminsky (@dakami):
@beaker “In general, security engineers are neither.”
— Dan Kaminsky (@dakami) November 28, 2012
…which I explained with:
We practice and focus on physical infrastructure, network and application security as relevant discipline slices, but “information?”…
— [Christofer] Hoff (@Beaker) November 28, 2012
This led to a very interesting comment by Preston Wood who suggested something very interesting from the perspective of both leadership and accountability:
— Preston Wood (@preston_wood) November 28, 2012
…and that brought forward another insightful comment:
— ǝɔʎoſ ʇʇɐW (@openfly) November 28, 2012
Pretty interesting, right? Engineers, architects, medical practitioners, etc. all have degrees/licenses and absorb liability upon failure. What about security?
What do you think about this concept?