From: security curmudgeon (jericho@attrition.org)
To: david.garth.thompson@us.pwcglobal.com
Date: Fri, 9 Feb 2001 01:37:28 -0700 (MST)
Subject: Interesting article...


http://www8.zdnet.com/eweek/stories/general/0,11011,2680126,00.html

   Stop using the boogeyman to sell security
   By David Thompson
   February 5, 2001 12:00 AM ET
   
   
   The boogeyman may be a childish cliche, but security professionals use
   him all the time in their attempts to convince corporate management to
   buy into whatever project they're advocating. 

   It is time for us to stop selling fear and to begin to address the
   real benefits that security can offer. The industry has matured, and
   now it's time for us to grow up-and to stop relying on the boogeyman
   to get the point across for us.
   
   David Thompson is the former CIO at DARPA and works for
   PricewaterhouseCoopers. Write him at
   david.garth.thompson@us.pwcglobal.com.

Interesting article, but I can't help myself in pointing out something to you.

http://www.pwcglobal.com/extweb/manissue.nsf/DocID/6CA3989617D7E25A852569070049EEF5

This entire article is using the "hackers are evil" boogeyman to sell PWC services. Why? Because PWC sells security consulting by non-hackers. This seems to fall right into what you categorize above.

You are definitely right, security companies should not use a fearsome boogeyman to sell their services. They should use real world statistics or other factual data that helps justify why security is important. Hopefully you pass this article on to Mr Rica et all.