11:23 Peculiarities of national security information | |
Rereading a debate in the Ukrainian team of specialists on the IB on LinkedIn, I could not resist and outlined his thoughts on the small articles. After two or three timid comments moderator closed the topic, because in his opinion it does not lie in the plane of the IB. I do not think so. That's actually what I think about it. Business Ethics (I'm not talking about morals, morality - it is a bit more) - what is it? Why do it? How do I use? How do you monetiziruete ethics of their business? After almost two years ago, spilled quite a few large banks, the issue of business ethics privsplyla bit, but then sank as unnecessary. I'm talking about the fact that several commercial establishments that had a high reputation, monetized it simultaneously with the method of "Hope!" Ie withdraw funds from the distressed assets and debt shifted onto the shoulders of ordinary townsfolk. Hardly Gilenko built the bank "Nadra" to "throw" a certain number of depositors. But when it became clear that, to be honest, the bank - "not live", it was decided to "save those who might like", and the owners of the means of salvation was Pobol than ordinary depositors. Reputation, which was created over the years, has been converted into a wholesale profit. And it can be in any business. But I'm not even about business ethics as such. I want to talk about more simple things - about information security (IS). We are carrying out their work, creating a different system of IB. What we are guided in their creation? What we write in the section of TK "Grounds for development? We are writing: "Regulatory Documents", "Industry Standards", "Modern Technology", "market for specialized equipment and software", "Best Practices", "The experience of implementing such systems, something else. But we think: "The maximum profit." Many times I am faced with the fact that many problems can be solved by the IB administrative and operational measures, but to solve them buy expensive equipment and is carried out active administrative and operational measures. Someone asks me why? Or all, and so clear? Both sides - customer and the executor in the person responsible at every level sit around the field with the name "Information Security" (the same is true for IT in general) with only one thought - "that we have plenty of it and us for it was nothing. " Now I do not want to talk about competition between integrators and specialized companies (market players - residents) and the role of kickbacks in it. Although now, even in competitions between the vendors of the key factors are often pullbacks. Kickbacks were the greatest (I hope that is not rynkoobrazuyuschim, although no one has statistics) "driver" of business IT and IS. IT and IS are fish, remora on the body of the production, trade and service industries. I once asked a successful sales manager - did he have in recent sales without kickbacks? "- In response I heard a long pause, and then some flowery explanation of why the kickbacks - it's not as bad as me seems at first glance. Even if you make a face brick and sponge bow (ie, ignore the question of ethics in kickbacks - many work at low rates, because the employer believes that the IT / IBshniki yourself the rest is stolen), it still remains the question of optimal planning and IT / IS budgets. I want to talk about how the kickbacks make our IT and information security solutions are not optimal. Choice decisions are often determined by inflation of budgets and kickbacks rather than technical features. In one large private (!) Company, I saw a picture of two different departments over the years built two different systems of network security (with the money we could build one, but twice the functionality). Almost every department had its own server in the ICC was more than one system SAN. Moreover, few people think that once sat on a needle kickbacks, the professionals involved in the decision to purchase, can not remain objective in the selection of IT / IS solutions. After all, if he wants to "jump" with not the best vendor in favor of another (there also give kickbacks) is more optimal, then it is could "get out sideways - he faces disclosure of kickbacks, loss of reputation as a specialist. Now IT / IBshniki cope with it through the regular rotation (change jobs), but the essence remains the same. Total, comes an interesting piece - IB office at the plant (part of SB) should protect businesses from economic loss, but who will protect businesses from information security services? What are the thoughts on this? Steam or no steam in this regard? Or is it I'm so angry because I have a bike did not exist? P.S. Yes, there are people to whom the above does not apply, I know, but I'm not talking about them. | |
|
Total comments: 0 | |