On Fri, 11 Jan 2008, Suresh Ramasubramanian wrote:
disclaimer: Names replaced by X, Y and Z solely to render this little story fit for public consumption .. it took place at a nominally closed meeting. It wont take you too long to arrive at reasonably plausible guesses for X, Y and Z, so I will leave you to the guessing. No points for the right answer, no comment either .. what I'm pointing out is general enough that it could be any X, Y and Z companies,
Yep, and X, Y and Z could be companies in any industry. I've been at conferences where the A/V presentor didn't know the other part of the same A/V company. And conferences where the ASP presentor wasn't aware what the other part of the same ASP was doing about the same problem. And so on. Likewise, banks don't seem to be as concerned about identity theft as the victimes of identity theft who call their customer service reps; anti-virus vendors doesn't seem to be as concerned about malware as the victims of malware who call their customer service reps; mail service providers don't seem to be as concerned about unsolicited messages as the victims of scams contacting their customer service reps; law enforcement agents doesn't seem to be as concerned about crimes as the victims who contact their emergency numbers. Q: What do anti-virus companies really think about security issues? Q: What do banks really think about security issues? Q: What do law enforcement agencies really think about security issues? That's why I suggested to Rob and other folks the importance of listening to what they tell you how to work their particular processes. Every large organization has them, although often the real processes are unwritten. Once you understand how the organization works, its much easier to figure out how to make it work for you. Shouting at the mountain won't move the mountain out of the way, and will just leave you frustrated. But ask a native nicely for help, and you might learn about the trails and passes over the mountain.