That's a lot easier to do from above or outside said power structure.
Such as a consultant.
Its very hard to gain real leverage working from the bottom up. You
may be working in the right direction, but often you won't be moveing
at a meaningful speed.
This isn't specific to information security or even IT. Teams can get
to big to succeed, good leadership is critical but the leaders all
have conflicting goals. This is another example rewarding short term
success while ignoring assured long term failure.
-- Allen Deryke
On Oct 2, 2009, at 4:30 PM, John Strand <[email protected]> wrote:
Agreed with the above statements.
However, I have found if you are good enough you can move things in
the right direction.
It just takes a high threshold for BS and the ability to call people
out when they are slinging BS.
In a politically correct fashion of course.
john
On Fri, Oct 2, 2009 at 10:05 AM, Allen Deryke <[email protected]
> wrote:
Amen, this has been my exact experince with larger operations. A lot
of good people with their hands tied is what I've seen over and over
again.
-- Allen Deryke
On Oct 2, 2009, at 11:08 AM, Ben Greenfield <[email protected]> wrote:
> Having previously worked with a community along those lines, and
left
> for a smaller private company, I can say personally the bigger issue
> for me was never salary, it was culture and inefficient bureaucracy.
>
> In my limited experience I found that many government agencies and
the
> business partners who work with them had their hands tied by what
seem
> to the people in the trenches to be arbitrary policies that don't
> always seem correct. In my experience we were required to take
orders
> from multiple authorities, and often it was clear that they were not
> communicating effectively with each other, and would frequently
get in
> pissing contests that left everyone beneath them at a disadvantage.
>
> On top of that, the list of software and hardware we were allowed to
> use required doing a cross-comparison between numerous lists that
take
> aeon's to get approved onto. I can specifically recall situations
> where I needed to apply a patch, but that the patch would have
changed
> the version number, and the new patched version number wasn't
> approved.
>
> My .02 cents is that the .gov infrastructure badly needs intelligent
> infosec people making smart decisions, but that if they can't do
> something about the culture of inefficiency they won't be able to
keep
> the good employees motivated long enough to enact the changes they
> need.
>
> I have positive things to say as well, but they aren't as
> interesting...
>
>
>
>
>
>
> On Fri, Oct 2, 2009 at 9:41 AM, Jason Wood <[email protected]> wrote:
>> I read about this yesterday at the Washington Post. DHS is saying
>> that they
>> want to hire the best experts they can find, but the .gov salary
>> ranges have
>> never been very enticing. I wonder how well it will really work
out.
>>
>> On Fri, Oct 2, 2009 at 7:18 AM, <[email protected]> wrote:
>>>
>>> http://www.cnn.com/2009/POLITICS/10/02/dhs.cybersecurity.jobs/index.html
>>>
>>> This ought to make this interesting.
>>> _______________________________________________
>>> Pauldotcom mailing list
>>> [email protected]
>>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>>> Main Web Site: http://pauldotcom.com
>>
>>
>>
>> --
>>
>> irc: Tadaka
>> Twitter: Jason_Wood
>> jwnetworkconsulting.com
>>
>> _______________________________________________
>> Pauldotcom mailing list
>> [email protected]
>> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
>> Main Web Site: http://pauldotcom.com
>>
> _______________________________________________
> Pauldotcom mailing list
> [email protected]
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
>
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
