Hacker News new | past | comments | ask | show | jobs | submit login

With all the Equifax headlines today, I was wondering if there would be a few poor souls in the the Equifax Tech Department who feels atleast a bit responsible for the whole mess. ( I do understand it is a collective responsibility of the management as well )

edit: Was the analysis of the hack published?




The most frustrating place to be in these scenarios is the IT (especially security) department.

Go ask any security guy if they think their environment is secure. Very few of us will say yes. It frequently boils down to we ask for things, and there are budget/manpower/time limitations in getting them implemented.

So a breach occurs, execs say to IT staff "Why was this possible."

IT staff says "We requested back in <month> to fix this, and its working through the slow process"

Execs say "Why didn't you scream louder, identifying it as a critical issue"

IT: "There are 1000's of other issues, just like this one. The attackers just managed to exploit this one, instead of one of the others. We can't identify all issues as critical, because then nothing is critical."

Both parties stay frustrated thinking the other isn't doing their job right.


Yeah, hopefully this is one of those wake up calls where the management realizes to funnel more resources into IT and security in general.


You mean on the board of directors, not in the tech department.

Edit: people never seem to like it when I say this. The phrase "the buck stops here" has a meaning.


Haha. I meant in all layers of the organization. Could be the IT Security Department, Policy Department, Could be the homegrown development team, anything.


The H1B's are not going to sacrifice their chance at citizenship nor should they.


Why is H1B relevant here?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: