System Shock

The negative sell is always the hardest to make, ”Do this to prevent this horrible outcome”. You rarely know if you were successful or not. The great leader stands on the rubble of the collapse with his call to action, inspiring the people to pull together, however, the man that prevents the collapse to begin with is never known.

It is a well worn cliché that crisis is the best opportunity. Preventing crisis, however, is no opportunity at all. Often, whether the crisis is prevented or not becomes a game of speculation. Claims of success are frequently met with incredulity; it was never a threat to begin with, it was a matter of chance, fate, you got lucky. As long as quotidian affairs continue there is very little recognition to be found in prevention.

Despite the foregoing which is all painfully obvious, many still focus on ill conceived notions like ROI for security. One should focus instead on what the true by product of information security and risk management is, to wit, survivability. A well executed risk management program permits a company to survive situations like the current one or specific freak accidents. One cannot predict the event or its magnitude, but it will arrive and those whose sole focus is growth invariably fail. The world is unpredictable and unforgiving.

One thought on “System Shock

  1. Problem is, unless you’re a financial institution (and sometimes even if you are), smoke is insufficient to rally a leader to embrace a security effort. That’s part of the belief that IT, as a general rule, is more often than not a cost center and rarely a profit center. I couldn’t agree more with your premise.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s