[Dad2Angels]

By all means, let's not hold the software manufacturers, uh Microsoft, that market these security hole riddled packages accountable.

Let's blame the guy/gal doing their level best given budget and staffing restraints to guard the gates against any number and type of asymmetric attacks.

[Terpfen]

I also blame the idiot users who don't think twice about phishing attacks, replying to spam, or installing that ActiveX script because they think they need it to browse a website.

They think security is someone else's problem. That attitude has to change.

[Bush2000]

By all means, let's not hold the software manufacturers, uh Microsoft, that market these security hole riddled packages accountable. Let's blame the guy/gal doing their level best given budget and staffing restraints to guard the gates against any number and type of asymmetric attacks.

Uh, get real. Many of these so-called "security bosses" have their heads up their asses and don't know what measures they should be taking against security threats. Examples ... allowing attachments to pass through the corporate email servers without being quarantined ... allowing their users to run with admin privileges ... not requiring adequate password policy ... not using an adequate firewall ... not filtering allowable user-browsable websites at the proxy ... not establishing corporate standards to establish allowable applications ... etc.