back to article Go ahead, build better security: it just makes crims try harder

The chief security officer of payroll giant ADP says his executive peers will need to become technical if they want to have a future in the industry. Roland Cloutier, who has a stint as EMC's chief security officer on his CV, told the Nullcon security event in Goa, India, that executives must be a lot more technical than they …

  1. allthecoolshortnamesweretaken

    It's an arms race.

    1. Anonymous Coward
      Anonymous Coward

      Not if you're ADP. Why bother improving when criminals will just catch up?

      It's not like they'll keep advancing whilst you're sitting on that IE-in-compatibility-mode-only portal that can't even be resized...

      From the moment my workplaced showed me that we were now using ADP my head was in my hands :-(

  2. Joe Gurman

    The syntax police

    Interesting piece, and I hope the author will not take it amiss if I suggest that reporters need to become grammatical: "He says risk is critical for security executives despite that he admits it is his weakest area." Maybe "despite admitting," or even "even though he admits."

    1. Vic

      Re: The syntax police

      "He says risk is critical for security executives despite that he admits it is his weakest area." Maybe "despite admitting," or even "even though he admits."

      I suspect a semicolon after the word "executives" would be more appropriate.

      That said, I suspect the word "understanding" is missing just before "risk"; the alternative really isn't very palatable[1].


      [1] Although it might be correct as is ::shudder::

  3. Anonymous Coward
    Anonymous Coward

    The French have it right

    The MD of any French company must be qualified in the subject of which the company is engaged, being as they are held legally responsible for company/management incompetence.

    "Money Men" should know how to extract the maximum amount of return from their investment, it doesn't mean they know anything about any other subject but too often they are the ones that get to make the decisions.

    If you want the West to have any technical achievement then everyone should emulate the French and restrict technical decision making to those qualified and competent to make them.

    Sadly the whole system in the US and UK is based upon company directors rarely being held liable for anything and that means they keep making the same stupid decisions that effect us all.

    For those that want to post about how Bill Gates wasn't qualified but managed to make millions, if he had been held liable for his blunders then he would have gone out of business in the '80s that he didn't is the reason that windows was never secure and yet the majority of users still have to work with it.

    1. gollux

      Re: The French have it right

      So, where's this superior French OS so that we may adopt it?

      1. Captain DaFt

        Re: The French have it right

        "So, where's this superior French OS so that we may adopt it?"

        Yeah, give us an Eiffel!

        1. Anonymous Coward
          Anonymous Coward

          Re: The French have it right

          It is hard for a legitimate company to compete when US companies can flaunt the law and produce rubbish without any real fear of come back until the US courts eventually catch up.

          Same for inept.insecure coding, why bother doing it right when crap sells better, as always it is joe public who ultimately pays the price and is told it is legal and inevitable for them to be left vulnerable.

          Until people actually question the "secure computing is impossible" mantra things will continue to be chaotic.

          Computers have to be the most completely understood science and yet it is okay to sell a product that just does not work to by reasonable assessment and the vender are allowed to walk away laughing.

  4. Anonymous Coward
    Anonymous Coward

    'CSO of payroll outfit ADP says until suits understand tech, we're all doomed..'

    So, Private Frazer war right after all then...

    I'd expand the scope of this by s/tech/anything/g.

    In my limited (hah, I wish!) experience of suitdom, they don't want to understand, they just want to hear soothing platitudes from their underlings, suit wearing or otherwise, telling them how right they are..

  5. a_yank_lurker


    Unfortunately the technical competence of the suits will not really improve. What improve is their ability to mouth the appropriate buzz words when the time comes to play buzz word bingo.

    1. Charles 9

      Re: Dreaming

      Plus, the crooks can always resort to the nuclear option: moles. As any security firm can attest, it's nigh impossible to defend oneself from an insider because by the time you figure it out, the damage is already done and the crook likely already long gone.

  6. pfretty

    Yes, it's a vicious cycle. However, if organizations fail to embrace big data as part of their security routine, they could find the business in quite a mess. We are really just on the cusp of truly understanding the potential within. There are a few good posts on this subject over at the Big Data Forum. Peter Fretty, IDG blogger for SAS

    1. Doctor Syntax Silver badge

      Downvoted for advertising your own blog - as on your previous posts here.

  7. Mr. Flibble

    “All [better security] it means is that you will piss of the bad guys and they will become more sophisticated.”

    Isn't that the idea?

    Sophistication usually means more effort is required, and therefore surely some will give up or choose another less-well secured company?

  8. Anonymous Coward
    Anonymous Coward

    When is ADP going to support non microsoft browsers (not needing compatibility mode would be a start though) and TLS 1.2 then?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like