Security Basics mailing list archives
Re: General question
From: Nathaniel Hall <lists () spider-security net>
Date: Fri, 23 Feb 2007 11:30:11 -0600
Francois Yang wrote:
what if your boss told you that the network engineers who maintain the network and servers got paid more (10k more) than you the security analyst because they DO MORE THINGS? what would be your reaction? In my situation I was like WTF (to myself of course) and basically said that it was a totally different area and job description. That also bought to my attention that maybe he didn't really read my resume, cuz I was doing network administration for the past 6 yrs before I got this job. Now what does that tell you about the boss and my job?
That would tell me that I'm not alone. There are a lot of people who have this problem because it is had to see what security does until something goes down or when systems are compromised. Even then they are usually upset because they have systems down. For me it is almost always an endless loop. I make requests for things to help our security stance. Instead I get more work to do because they think I don't do anything. Then the server I attempted to secure gets compromised. Then I get more work because they say I didn't do enough to protect it. Then it all starts over again. Trust me, you are not the only one. I have been educating my bosses for 3 years and it has started to sink in more and more. Now that I have gotten him to really understand security, he is leaving the company and my position has been moved under somebody else. Now I have a new boss to educate and he is one who thinks all security people are paranoid and the network should be open. It just gets better and better. -- Nathaniel Hall, GSEC GCFW GCIA GCIH GCFA Spider Security --------------------------------------------------------------------------- This list is sponsored by: BigFix If your IT fails, you're out of business - or worse. Arm your enterprise with BigFix, the single converged IT security and operations engine. BigFix enables continuous discovery, assessment, remediation, and enforcement for complex and distributed IT environments in real-time from a single console. Think what's next. Think BigFix. http://ad.doubleclick.net/clk;82309979;15562032;o?http://www.bigfix.com/ITNext/ ---------------------------------------------------------------------------
Current thread:
- General question Francois Yang (Feb 23)
- Re: General question Isaac Perez (Feb 23)
- RE: General question Craig Wright (Feb 23)
- RE: General question Craig Wright (Feb 23)
- RE: General question Devin Rambo (Feb 26)
- Re: General question Adam Kane (Feb 23)
- Re: General question Jason P. Rusch (Feb 23)
- RE: General question Robinson, Sonja (Feb 26)
- Re: General question Francois Yang (Feb 26)
- RE: General question Robinson, Sonja (Feb 26)
- Re: General question Joseph McCray (Feb 23)
- Re: General question Nathaniel Hall (Feb 23)
- Re: General question steve dake (Feb 26)
- RE: General question David Gillett (Feb 26)
- <Possible follow-ups>
- Re: General question krymson (Feb 23)
- RE: General question Kevin Feck (Feb 26)
- RE: General question Bob Radvanovsky (Feb 26)
- Re: General question Isaac Perez (Feb 23)