Security for Security's Sake In my first post, I want to discuss what I think are the generic industries approach to security. My experience is that security is kind of like the US Military spending and the budget in three key ways. Everyone knows they need security just like we need a strong military - duh. Everyone also thinks more security is better, just like more military must be better. If you try to question security measures of spending, you will be accused of not trying to protect important data, risking hackers, data theft, etc, just like if you question military spending then you aren't a patriot or don't care about soldiers, etc. In both cases, we avoid having real discussions or analysis on what is appropriate and what is not appropriate because of fears of things that people don't even try to quantify. Failure to properly assess and address security concerns is one of the biggest wastes of time, money, and resources in the IT industry in my op...
Posts
Bane of the IT Industry
- Get link
- X
- Other Apps
Why am I writing this blog? As you can tell from the blog, I am a bored IT consultant currently living overseas. I am currently only working part time on a few things and always wanted to write about some of the things that troubled me about the industry. I have over 20 years experience in everything from coding, testing, designing, architecting, managing, etc for projects from FAT client implementations, custom web applications, COTS product implementations, etc. None of this makes me a true expert (I believe about 1 of every 20 people claiming to be an expert really is), but it gives me a pretty broad view of the generic industry and some of the issues. I'm also hoping that these thoughts will help me determine better ways of approaching problems in the future and if somehow others read this maybe they will give me their thoughts as well. This blog is not designed for some other purpose, basically I am bored and have some thoughts. If you have any comments (whether you a...