The disclosure of vulnerabilities can be a contentious subject. Regardless of where you fall out on the issue, the one thing everyone can agree on is that we’re trying to improve security, even if we’re on slightly different tacks. One…
We can go round and round about what’s going to drive improvements in computer security writ large, but when you boil it down it’s really only about one of and/or two things: money and bodies.
Are we really making a difference in security if we’re only solving problems that smart, rich customers can afford?
If you cannot effectively communicate how what you’re proposing makes your client a better business, your advice is going to be ignored