Diebold is clueless about risk management

I have to fully agree with Bruce Schneier when he talks about Diebold.

Here’s their view regarding the insecurity of voting machines:

“For there to be a problem here, you’re basically assuming a premise where you have some evil and nefarious election officials who would sneak in and introduce a piece of software,” he said. “I don’t believe these evil elections people exist.”

That’s what happens when you allow sales to talk about security. It’s similar to what I heard at a client in the defense space lately: “employees are ordered to do what they do in the system – so that can’t possibly be wrong”.