There have been many significant government data breaches in the last two years, yet they want to tell the rest of us how we should be doing it better. I can picture this scenario just a little over a hundred years ago:
"Welcome to the Army's Aeronautical Division. My assistant said you wanted to discuss some ideas and models you have that may be of interest to the U.S. military. Please be aware we are a two-man office, since we only manage about a dozen hot air balloons around the country."
"We understand, but we think you want to see what we have accomplished."
"What are your qualifications - do you meet our standards for aeronauts?"
"We own a bicycle shop."
"I'm sorry. I need to ask you to leave. We only spend time on serious aeronautical projects, and don't have time to waste with a couple of Midwestern bicycle repairmen. What did you say your names were, again?"
"Orville and Wilbur, Major. Orville and Wilbur Wright."
John McCumber is a security and risk professional, and is the author of "Assessing and Managing Security Risk in IT Systems: A Structured Methodology," from Auerbach Publications. If you have a comment or question for him, please e-mail John at: Cool_as_McCumber@cygnusb2b.com.