MSNBC, has an excerpt from a book (no, it’s not the Communist Manifesto) “The Truth About Identity Theft” by Jim Stickley. It interesting read for some I’m sure but I have become thoroughly bored with penetration testing, social engineering and the like. It’s only difficult when you first start and you have no skills. After awhile it gets easier and easier. What is really difficult is securing systems and what is even more difficult is determining what to protect and what not to protect. Where are the risks that can cascasde and bring the whole company down? They’re there and they may only be obvious in hindsight.