Re: Impact of Global recession on Security !

[Jon Kibler <Jon.Kibler () aset com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

? aditya mukadam ? wrote:
> Hello !!!
>
> There has been lot of news about the Global recession
> impacting/threatening IT budgets. Lot of articles have been written on
> it with various views. Since the audience of this list compromises of
> IT/Security people from all over the world and with different
> viewpoints, it will be very interesting to understand the opinion.

Hi,

Well, as a security consultant, I can already see a BIG impact. The
"interesting" part being how fast it has happened. Three weeks ago,
everything was fine. Starting two weeks ago, everything started to fall
apart VERY rapidly.

In the downturn of 1983-1984, it took over 6 months to get to the point
that things slowed down as much as they did in just one week, two weeks
ago. After 9/11, it took over 18 months to reach the point that we have
reached in less than two weeks.

Within the past two weeks, I have had two clients issue immediate stop
work orders. I had a third client give 6 weeks notice that everything
needs to be brought to a clean stopping point from which work can be
resumed once the economy picks back up. I have had a pen testing class
in early 2009 cancel because over 3/4ths the students withdrew in the
past two weeks. I had still another client decide not to investigate a
breach, opting to instead just rebuild from scratch the hacked system
and hope it does not get hit again -- instead of doing the incident
response investigation that their policy required.

On the new business side, I was in talks with a major international
retailer about some long term pen testing work. That screeched to a halt
when upper management declared a week and a half ago 'no new spending
until we see how Christmas sales end up.'

I had another client that we were in final contract negotiations with,
and with who we had agreed upon a price, come back and say that the
contract was off unless we could do the same work for 1/2 the price.

I had potential client that was in need of some PCI compliance work
decide to put off the work -- and even risk their ability to take credit
cards on-line -- until the economy stabilized.

Others, who we were in various stages of talks with, have simply stopped
returning phone calls, or are saying that they no longer have the need
that they had two weeks ago.

So, yes, the global downturn has had a VERY sharp impact on security.
Companies are simply not spending. Many, even those with good credit,
have had their credit lines reduced or eliminated, so they have
virtually eliminated all non-emergency spending. (This downturn is being
driven more by lack of credit than any other factor in my opinion.)

I have been in this business for over 35 years. I have seen NOTHING like
the past two weeks. It just leaves my head spinning, it has happened so
fast. Clearly, businesses are panicking and not thinking rationally
about either the short or long term implications of their decisions.

Something needs to happen to change the psychology of the markets and to
loosen up credit. The situation we find ourselves in today is simply
irrational -- no well thought out plans, just plain, simple panic.

I can only hope that things pick up as fast as they crashed. If not, we
have MUCH bigger problems to worry about than IT security.

Jon K.
- --
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iEYEARECAAYFAkjyB88ACgkQUVxQRc85QlNTUQCfX10IwfrlR23Nq1UW2xGLcB1S
u1cAn3A8YNMaDxQUWJu8lLWybLvwj5Hs
=EVHF
-----END PGP SIGNATURE-----




==================================================
Filtered by: TRUSTEM.COM's Email Filtering Service
http://www.trustem.com/
No Spam. No Viruses. Just Good Clean Email.