I doubt that my group will survive past December of next year at best, and maybe this December at worst. Senior management was sold a bill of goods by the senior manager responsible for our group so that he could keep his job and status. Instead of providing actual internal IT security for our firm, we are basically just a policy enforcement arm of HR. We terrorize the average employee for downloading mp3s and catch the occasional child porn offender, while executives and administrative staff are allowed to accept and send credit card numbers, wire transfers, business plans and other sensitive information to and from clients, vendors and service providers via unencrypted email. I couldn't get a keylogger ticket accepted because I couldn't prove that the person downloaded the software. I can only prove intent in those cases. So, in other words, we are only allowed to catch idiots, and we are not allowed to change fatally insecure business practices. As our fellow employees realize that their actions are being monitored and they modify their behavior, or are fired for it, our ability to generate the same number of tickets will decrease over time, a decreasing series converging to some number or limit approaching close to, but not equal to, zero. The fact that almost all worms have keylogger activity, are professionally made for criminal enterprises now, and are coded to evade almost all anti-virus scanning software means that sooner or later my firm will experience a major loss, since we are a Windows shop. My unit's inability to affect real IT security policy, coupled with our inability to maintain performance levels due to our successes and other factors, will likely spell my unit's demise. My managers believe otherwise.
Labels: projections analysis security