It's an arms race.
Go ahead, build better security: it just makes crims try harder
The chief security officer of payroll giant ADP says his executive peers will need to become technical if they want to have a future in the industry. Roland Cloutier, who has a stint as EMC's chief security officer on his CV, told the Nullcon security event in Goa, India, that executives must be a lot more technical than they …
COMMENTS
-
-
Monday 14th March 2016 09:15 GMT Anonymous Coward
Not if you're ADP. Why bother improving when criminals will just catch up?
It's not like they'll keep advancing whilst you're sitting on that IE-in-compatibility-mode-only portal that can't even be resized...
From the moment my workplaced showed me that we were now using ADP my head was in my hands :-(
-
-
Monday 14th March 2016 01:40 GMT Joe Gurman
The syntax police
Interesting piece, and I hope the author will not take it amiss if I suggest that reporters need to become grammatical: "He says risk is critical for security executives despite that he admits it is his weakest area." Maybe "despite admitting," or even "even though he admits."
-
Monday 14th March 2016 14:44 GMT Vic
Re: The syntax police
"He says risk is critical for security executives despite that he admits it is his weakest area." Maybe "despite admitting," or even "even though he admits."
I suspect a semicolon after the word "executives" would be more appropriate.
That said, I suspect the word "understanding" is missing just before "risk"; the alternative really isn't very palatable[1].
Vic.
[1] Although it might be correct as is ::shudder::
-
-
Monday 14th March 2016 02:58 GMT Anonymous Coward
The French have it right
The MD of any French company must be qualified in the subject of which the company is engaged, being as they are held legally responsible for company/management incompetence.
"Money Men" should know how to extract the maximum amount of return from their investment, it doesn't mean they know anything about any other subject but too often they are the ones that get to make the decisions.
If you want the West to have any technical achievement then everyone should emulate the French and restrict technical decision making to those qualified and competent to make them.
Sadly the whole system in the US and UK is based upon company directors rarely being held liable for anything and that means they keep making the same stupid decisions that effect us all.
For those that want to post about how Bill Gates wasn't qualified but managed to make millions, if he had been held liable for his blunders then he would have gone out of business in the '80s that he didn't is the reason that windows was never secure and yet the majority of users still have to work with it.
-
-
-
Tuesday 15th March 2016 14:19 GMT Anonymous Coward
Re: The French have it right
It is hard for a legitimate company to compete when US companies can flaunt the law and produce rubbish without any real fear of come back until the US courts eventually catch up.
Same for inept.insecure coding, why bother doing it right when crap sells better, as always it is joe public who ultimately pays the price and is told it is legal and inevitable for them to be left vulnerable.
Until people actually question the "secure computing is impossible" mantra things will continue to be chaotic.
Computers have to be the most completely understood science and yet it is okay to sell a product that just does not work to by reasonable assessment and the vender are allowed to walk away laughing.
-
-
-
-
Monday 14th March 2016 03:29 GMT Anonymous Coward
'CSO of payroll outfit ADP says until suits understand tech, we're all doomed..'
So, Private Frazer war right after all then...
I'd expand the scope of this by s/tech/anything/g.
In my limited (hah, I wish!) experience of suitdom, they don't want to understand, they just want to hear soothing platitudes from their underlings, suit wearing or otherwise, telling them how right they are..
-
Monday 14th March 2016 07:01 GMT pfretty
Yes, it's a vicious cycle. However, if organizations fail to embrace big data as part of their security routine, they could find the business in quite a mess. We are really just on the cusp of truly understanding the potential within. There are a few good posts on this subject over at the Big Data Forum. Peter Fretty, IDG blogger for SAS