> apply SP2! The CIO kept saying that he could hear me > saying "I told you so". The CIO lied to the CEO and > said that it was not a Admin level intrusion, but > merely a rouge FTP account used for Warez. The > cracker could have formatted the drives with data at > any time!
Morally speaking, its your duty to inform the CEO about this. I would, but be careful... > Do they promote me? Reward me? No. Apparently, they > are too embarrassed as my CIO and Managers that they > are incompetent in security (they setup up the systems > this way, after all), and seeking to keep me quiet, > they demoted me so that I wouldn't be responsible for > security anymore. As far as I can tell, the only > reason I was promoted to Security Manager was so that > they could have a fall-guy when things went wrong "How > did they do that? Weren't you doing your job?". But > when their scheme backfired and I actually did such a > good job that their position in front of the CEO was > threatened, they decided to keep me quiet. Go look for a new job TODAY. This is a horrible situation, and it sounds like you are not certain if management will trust you. > Am I being paranoid? Am I overacting? Your > perspective from your experience would be greatly > appreciated. Also, after I leave, should I send a > letter to the CEO about this? At the least. You are providing a service to lots of customers; your CEO needs to know. Good luck. P
