I’m in the same position as this guy, at least in title not legacy. I work my ass off to do everything I can as safely as possible. If you have perfect security you have a budget problem. Nobody wants to make these mistakes, you just need to negotiate with product for resourcing and the ICs with manager buy in on process changes. Sometimes you can’t get that culture. I document every suggestion the business says no to and get a risk exception. Budget is a thing.It’s not like we don’t care. A lot do. I am responsible. I bet my future on it.
The inability of the company to have good cyber is that they have product profit problems. Especially in public companies. Someone should come in to get more income from the business and then they can afford to do the right thing.
No comments yet.