by Damogran6
1097 days ago
I've been in security longer than most job applications ask for. Every security solution is just the same Black Box with a one-trick-pony in it. After the 40th one, they all kinda blur together after a while. They all have accounts and permissions and reporting and maintenance and update processes and a way to store the data they create...and a single line on a single tab on a single webpage that 'does the trick'. I'm with the OP. I'm tired of installing SIEMs when the leadership undergoes an upheaval and the new CISO comes in with some form of "Everything you have is CRAP! My stuff is awesome! Warm up the forklift!" It's all the same alcohol-lubricated meetings in a bar with the same deep fried taquitos and the same fidget spinners emblazoned with the product name, usually a VERBNOUN.
|
This is a cultural problem in the information security space and one reason why I've left that space. I call this "checkbox compliance" culture. Most customers want a box they can rack, check the box on a compliance audit, and move on. Very few companies actually give a shit about security as a practice or philosophy, and don't actually do any of the work to build security into their products and systems.
The epitome of this is that many companies operate devices at their border that strip encryption by using a company-provided CA to man-in-the-middle all traffic across their network to do DPI, and then re-encrypt (hopefully) to the ultimate target. From the perspective of the employee, the primary attacker on the network is the company's own infosec team, because the policies and compliance checkboxes are achieved in the worst possible iteration of how you might meet compliance without any regard to /security/.
This is a fixable situation, but it's a hard thing to fix because like most cultural issues, it's ultimately some kind of tragedy of the commons.
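One way an endpoint or privacy team can detect the kind of border interception described in the comment above, as an added example that is not part of the thread: record the issuer and leaf-certificate fingerprint a known site presents on a clean network, then compare what the same site presents from inside the corporate network. The hostname, CA names and fingerprints below are constructed placeholders, and `observe()` (which needs network access) is only there to show where real observations come from.

```python
import hashlib
import socket
import ssl

# Added example, not from the thread. A TLS-inspecting proxy must re-sign the
# leaf certificate with its own CA, so for a site whose real certificate is
# known, either the issuer or the leaf fingerprint (or both) will differ.

def flatten_name(rdn_seq):
    """Turn the issuer/subject tuple-of-tuples from getpeercert() into a dict."""
    return {attr: value for rdn in rdn_seq for attr, value in rdn}


def observe(host, port=443, timeout=5):
    """Live observation (not exercised offline): parsed leaf cert + SHA-256 of its DER.

    With the default context the handshake succeeds even behind an inspecting
    proxy whenever the corporate CA has been pushed into the local trust store,
    which is exactly why verification alone does not reveal interception.
    """
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            return tls.getpeercert(), hashlib.sha256(der).hexdigest()


def classify(peercert, leaf_sha256, expected_issuer_org, expected_sha256=None):
    """Return 'clean', 'intercepted' or 'unknown' for one observed leaf.

    peercert: dict shaped like ssl.SSLSocket.getpeercert() output.
    expected_issuer_org: organizationName of the public CA seen on a clean network.
    expected_sha256: fingerprint of the genuine leaf, if recorded; strongest signal.
    """
    if expected_sha256 is not None:
        return "clean" if leaf_sha256 == expected_sha256 else "intercepted"
    org = flatten_name(peercert.get("issuer", ())).get("organizationName", "")
    if not org:
        return "unknown"
    return "clean" if org == expected_issuer_org else "intercepted"


# Constructed sample observations (placeholder names and fingerprints).
CLEAN_CERT = {"subject": ((("commonName", "example.test"),),),
              "issuer": ((("countryName", "US"),),
                         (("organizationName", "Public CA Example"),),
                         (("commonName", "Public CA Example R1"),))}
PROXY_CERT = {"subject": ((("commonName", "example.test"),),),
              "issuer": ((("organizationName", "Corp IT"),),
                         (("commonName", "Corp Border Inspection CA"),))}
KNOWN_LEAF = "ab" * 32   # placeholder for the genuine leaf's SHA-256
```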