Patrick, I personally think that you hit the nail on the head on this one. "LulzSec is running around pummeling some of the world's most powerful organizations into the ground... for laughs! For lulz! For shits and giggles!
Surely that tells you what you need to know about computer security: there isn't any." While I may not agree with Lulzsec's actions or ethics, they are certainly raising awareness, and hopefully cutting through the FUD.
It is odd, we have had a number of the CEOs and CTOs become directly interested in the testing we are currently involved in. Why? Because every week there is a new story about a large company being attacked.
Yesterday, on the Core webcast, we were taking about the bear analogy. Many managers say they don't have to be the fastest, we just need to be faster than the other guy when being chased by a bear.
But what if there are a lot of bears?
And the majority of them are smarter than you?
Now, management is starting to get it. Now they are seeing very large organizations fall. Now, they are learning their organization is tasty and goes good with berries.
From Larry and John
PaulDotCom will be teaching Offensive Countermeasures at Black Hat July 30-31