Firewall Wizards mailing list archives
Re: Outsourcing Firewalls/Internet Security count
From: Bennett Todd <bet () rahul net>
Date: Fri, 5 Dec 1997 04:53:56 -0800
On Thu, Dec 04, 1997 at 11:05:26AM -0500, David HM Spector wrote:
Unfortunately, this outsourcing of security *IS* a reality -- especially in the financial community.
Interesting. News to me, but then I've only working in a couple of Wall St. firms, and have friends in a few more; I'm by no means an authority on the industry as a whole.
[...] a really large Wall St. money center bank [...] In late 1995 [...] was about to outsource most of its key technology operations; [...] Over the last two years, they have indeed outsourced ALL of their firewall operations/installation/management. The quality of the people running the service now from what I understand, are, um, not folks I would trust to deliver a letter, let alone be responsible for the network and infrastructure security one of the top-5 banks in the US.
I've gotta be glad to hear about competitors who do things like that. Makes the rest of our jobs easier --- ``I don't have to run faster than the bear, I just have to run faster than _you_''. Competitors with poor security will lure potential attackers away from me. Hooray!
Unfortunately, on Wall St. (and probably soon on main street) there is a real backlash against technologists (not technolgy).
This I haven't seen, and don't expect to; I wouldn't work at a place that dislikes me, obviously:-). But I gotta say, that sounds pretty odd; I hadn't heard anything like that from friends.
The cost of our kind of services keeps going up (to keep up with the implemenation to the technology and the complexity of the threat)
More stuff I hadn't noticed; the cost of a serious systems analyst seemed kinda stable for the last few years; while there are the occasional outlandish offers they haven't so far had attractive realities behind 'em. But I really don't understand that parenthetical comment at all.
and the ability of management to actually UNDERSTAND why what we do is crucial to their ability to actually conduct business is dropping.
Then the the management in question has been hiring ill-qualified people --- explaining what we do, teaching management the basic concepts, giving them a clear understanding of the threats so they can weight benefits -vs- risks -vs- costs and set the right policy for the firm --- that's the single most important job of a security admin.
The bottom line is that corporate management is buying the line [...]
I don't know what to make of this; you paint a picture that's pretty grim, but I work in the same industry, and have friends in other companies in the same industry, and I haven't seen anything like this. So I guess what this must mean is that there are some nice, juicy, attractive targets out their helping to keep the carrion feeders off me. Gotta be grateful for that, anyway. -Bennett
Current thread:
- Outsourcing Firewalls/Internet Security count Safier, Adam (GEIS) (Dec 03)
- Re: Outsourcing Firewalls/Internet Security count Edward Cracknell (Dec 03)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 03)
- Re: Outsourcing Firewalls/Internet Security count David HM Spector (Dec 04)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Adam Shostack (Dec 08)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 03)
- Re: Outsourcing Firewalls/Internet Security count Rick Low (Dec 04)
- Re: Outsourcing Firewalls/Internet Security count Paul D. Robertson (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Bennett Todd (Dec 05)
- Re: Outsourcing Firewalls/Internet Security count Larry J. Hughes Jr. (Dec 08)
- Re: Outsourcing Firewalls/Internet Security count Edward Cracknell (Dec 03)
- Outsourcing firewalls & InfoSec Ops - Part I/II Frank Willoughby (Dec 09)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II Paul D. Robertson (Dec 15)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II chuck yerkes (Dec 16)
- Re: Outsourcing firewalls & InfoSec Ops - Part I/II Paul D. Robertson (Dec 17)