A friend of mine is, what I would refer to as, a C list rock star. He’s fairly well known in music circles, has released a couple of albums, gets invited to award ceremonies but you’re unlikely to see him on a magazine cover. For starters, he’s far to ugly. Neither is he rich enough: when his band plays a gig he usually takes the bus to get there.
A few years ago I was invited backstage by him following a concert where his band opened up for another at the NEC in Birmingham. Imagine my disapointment when instead of the groupies, free drink, and all night party that I had visualized, instead there was the backstage equivalent of a creche where various children could be kept entertained while their parents had their alloted 90 minutes of stage time. More Mormon baptism than Roman orgy.
More recently my friend has been bemoaning his lot in life saying that he has lost interest in playing music. “But it’s what you always wanted to do” I said. “True, but we should be careful what we wish for” he replied.
What’s all that got to do with security and risk? Admittedly not a lot but then today I was expecting to be able to write about an exciting presentation I attended on how ITIL version 3 can make security governance easier, better, faster, and more integrated with the business. Some chance!
In reality it was the least engaging presentation I’ve ever attended. I recall that the second slide (of about 458) was headed “Be careful what you wish for” and another slide contained the following dead lump of text “It will require the ability to conceptualize, deliniate, and design the risk relevant parts of a business service.” The presenter, who may just as well have been a pre-recorded voice-over to go with the slide-deck, also mentioned his “hot buttons” and used the word “architecture” so many times I thought he had a tic.
So, I have wasted a day because of ITIL. I have a sneaking suspicion that many more days have been wasted – and are being wasted across the land – because of it. But that’s another story altogether.