Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Authorities eye MSBlaster suspect

From: Paul Schmehl <pauls () utdallas edu>
Date: Fri, 29 Aug 2003 20:21:44 -0500
--On Friday, August 29, 2003 7:13 PM -0400 Valdis.Kletnieks () vt edu wrote:


You're totally missing the point.


And this surprises you?


If I'm doing security 30 hours a week, that's 30 hours a week I'm not
available for other things.


[skip the long litany of *other* things you could be doing]
In case anybody thinks that Valdis is somehow bragging, forget it. The many roles he is expected to fulfill are typical in a university environment. There *is* no such thing as "an intrusion detection specialist". Everyone in edu wears many hats - most of which are fulltime jobs in their own right. 

And you can't weasel out by saying "Hire somebody else to do that other
stuff"  or "hire somebody else to do security" - the point is that if we
did hire somebody else, then we'd only have 1 person of the 2 available
for productive work.  If we didn't have to keep spending resources on
security, BOTH people would be available then.
That's won't stop anyone from trying though. They actually think "security" is the stuff you *should* be doing, not helping your users be more productive. 

Paul Schmehl (pauls () utdallas edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: