This time, people should listen to the FUD

Most of the time, I’m anti-FUD (Fear, Uncertainty, Doubt – basically, when security people spin the “worst case” approach to try to sell something based on fear) but in this case, I think the author of this article is really clued in. The truth is, the publicly-disclosed issues really are only the tip of the iceberg. Basically, in today’s environment, once an enterprise gets to be of a certain size (more than 2 people?) it’s impossible to know where any given piece of data is at any given time. Couple this with an increasingly complex landscape, and there’s a situation where every piece of data must be considered comprimised at any point in time. Not a good thing for those of us that the data refers to…