Patch holes up fast!

Sep 7, 2007 09:46 GMT  ·  By

When you have a problem with your security system, it is hard to keep it a secret. How come? Well, black-hatters are always probing the Web to see what flaws they can exploit, and if your network has a security issue, it will be found!

I've read this great article by security expert Mark Gibbs, on NetworkWorld, about holes in security systems, in which he said that there are three possible knowledge states about cyber-defense issues. This kind of reminds me of the Johari window concept in philosophy. Regardless, the 3 states are: everyone knows about the problem (both the IT managers and the malicious users), only one group knows about it, or nobody knows about it. Well, the best situation is when only the admins know of it and they try to fix it fast. So that's why, if you are working in this business and you disclose a vulnerability, it's better to report it to the rest of the team, even if it's your fault. The best thing to do is patch holes as fast as possible!

Why fast? Because otherwise black-hatters are going to exploit it! It's also good to know what flaws your system has in order to properly act around them, so disclosing a vulnerability is a great thing, not because you have a buggy system, but because you have a buggy system and you know it. Knowing how your system works is definitely one of the most important things when talking about security.

If everyone knows about the flaws, you can fight hackers off until you patch things up, but if only malicious users know of them, then you've got a problem. This also means you haven't properly inspected your system.

Know your system! Patch up any holes that you find! Keep up security!