Not the Presidents men
Security is all about risk. Identify then mitigate or accept. It’s all a balance. It’s never just about technology or process.
Where I’ve seen potential burnout is when security folk just cannot get past the ‘accept’ part. Sometimes with very good reasons. 99% of them are driven to do a really good job. But you have to be pragmatic in business. Then you make plans, provisions and adjust risk registers accordingly.
This is a long read, but good. It is one of those times you’re left with a bad taste. So…you adjust risk registers and make plans accordingly.
The President Ordered a Board to Probe a Massive Russian Cyberattack. It Never Did.
By not investigating the underlying weakness in Microsoft software that was key to the SolarWinds hack, the Cyber Safety Review Board missed an opportunity to prevent future attacks, experts say.
Lulu Ramadan
Being entirely too dependent on these big vendors is not a good idea. That goes for other Governments as well as businesses.