Security Basics mailing list archives
Re: Senior management really concerns about security?
From: Adriel Desautels <adriel () netragard com>
Date: Thu, 05 Jun 2008 13:36:30 -0400
Amen, I might just quote you on that.
Regards,
Adriel T. Desautels
Chief Technology Officer
Netragard, LLC.
Office : 617-934-0269
Mobile : 617-633-3821
http://www.linkedin.com/pub/1/118/a45
Join the Netragard, LLC. Linked In Group:
http://www.linkedin.com/e/gis/48683/0B98E1705142
---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com - "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security
Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know : http://tinyurl.com/26pjsn
CISO wrote:
Step 1: Document the risks and what they are attempting to do. Step 2: Attain sign off on those risks by the senior management. Step 3: If they do not sign off it is important to ensure you properly document. Step 4: Do what they ask anyway... which does not mean YOU accept the risk. Step 5: Keep your job. Information Security does not ABSORB the risk, we notify, document, and pass. Good Luck. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of acwang0048 () gmail com Sent: Thursday, June 05, 2008 2:36 AM To: security-basics () securityfocus com Subject: Senior management really concerns about security? Hi all, Just want to ask whether you guys have encountered some unreasonable requests from your senior management (e.g. ceo) whereby you as an IT personnel understands the potential security risks involved. But then, when you try to explain the security risks or consequence to them, they won'tlisten and just tell you they need this because of business function.At the end, you can't do anything but to adhere what they request. But then,this leads to so many exceptions created for senior management.Well, this is what I am currently facing!!! Anyone has a better way to deal with this? Cheers, Wang
Current thread:
- Senior management really concerns about security? acwang0048 (Jun 05)
- RE: Senior management really concerns about security? CISO (Jun 05)
- Re: Senior management really concerns about security? Adriel Desautels (Jun 05)
- Re: Senior management really concerns about security? romain (Jun 05)
- Re: Senior management really concerns about security? Kurt Buff (Jun 05)
- RE: Senior management really concerns about security? Sinha, Amitabh (Amit) (Jun 05)
- Re: Senior management really concerns about security? Kola Salami (Jun 05)
- Re: Senior management really concerns about security? Shawn A. Corrello (Jun 05)
- Re: Senior management really concerns about security? Adriel Desautels (Jun 05)
- RE: Senior management really concerns about security? Daniel I. Didier (Jun 05)
- RE: Senior management really concerns about security? Adewale, Akin (IT Services - Infosec Team) (Jun 06)
- Re: Senior management really concerns about security? afam mbanefo (Jun 06)
- Re: Senior management really concerns about security? Anjar Priandoyo (Jun 13)
- RE: Senior management really concerns about security? CISO (Jun 05)