Security Pros Bemoan the Need for Focus

Ant writes "Computerworld has an article about more proactive initiatives falling by the wayside. Operational and tactical considerations continue to dominate the IT security agenda, despite a growing need for more strategic approaches to data protection."

More of a strategic planning process....

[Proudrooster]

"What's really needed is more of a strategic planning process that involves business executives and technologists," Spinelli said. Instead, security managers all too often offer "nothing by way of a long-term strategy" for IT security.

In just the first two paragraphs alone I was able to fill up my BULLSH*T BINGO card. Let's see if I can write a useless statements containing lots of buzzwords. What's really needed is a short term strategy with long term synergestic goals that transcend all layers of the organization and implement proactive world-class security. Yep, I still got it.

Just think, if executives had more of a strageic planning process for the business in general, then US companies might be healthier and stronger, instead of sacrificing the future for short-term profits.

I guess it is just a slooooow news day.

Re:Is this the right use of the word 'bemoan'?

[Tom]

Right now, it just sounds like security pros are whiny babies that don't want to do their jobs.

As security professional, the fact of the matter is that more often than not the company doesn't let me do my job. Cost isn't even the main issue - understanding is.

If you think about moving into the security area, realize one thing: Half of your time will be spent convincing management that the other half is really necessary, and two thirds of that other half are dealing with either decade old issues (no encryption, weak passwords, not updated machines) or user stupidity (sharing passwords, disabling security features, not following procedure).

The sixth or so that's left is pretty thrilling, though.