
August 11, 2005


Fazal Majid

Anybody who thinks large corporations are more likely than small ones to pass compliance has no idea how messy and convoluted the IT systems of large corporations are.

A small, stable credit union that has not changed much in the last 20 years is much more likely to have a grip on its systems than a large bank like BofA which has merged with several other companies in the last 10 years, and has a hodge-podge of poorly-integrated IT (California customers like myself are handled by a completely different system from the rest of the country, for instance).

Since a big rationale for corporate mergers is synergy, i.e. firing people in overlapping departments, in most cases the people who know where the skeletons are buried have left the company already...
