Information security is not recession proof

I keep getting told how lucky I am to be doing a job perceived to be “recession proof.” Personally I don’t think this is the case. If the company were to go down then I doubt there would be much room in the lifeboat for security awareness programmes and risk models. Don’t take anything for granted these days.

Especially don’t take it for granted that when somebody says they have lost their laptop computer that they really have lost it. I heard some anecdotal evidence yesterday that a number probably end up “re-assigned”…i.e. son/daughter about to go to college. They get the old work laptop and daddy goes to the office and gets a new one. In these hard economic times there’s likely to be a lot more of that sort of thing going on.

In fact, internal fraud and corruption are all expected to rise. Petty theft is one thing, but data theft is quite another. During the same event yesterday some of the motives behind internal data theft were presented. One particular quote from a convicted fraudster stuck in my mind “…working in a cold room, paid minimum wage, customers phoning in with their credit card details. I realised I could make more from that information than from my salary.”

There remains a serious threat from company insiders. See my blog from the beginning of August where I discuss this in more detail.

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

It's sad, but things that management deem as unnecessary like "IT Security" get thrown first. Which doesn't seem like a great idea when you look at the bigger picture. If your company is in dire enough straights to need to cut back on expenses, there are lots of other people in similar (or worse) situations, and desperate people do desperate things. Without IT security making sure things are running tightly, it would be much easier for someone to steal corporate information and hold it ransom, or just sell to the highest bidder. These sorts of things happen even in the best of times. When there's more incentive, you can't expect they'll decrease in frequency.
Are you guys high? The one thing corporations hate is people stealing their hard earned millions. Lets face it when everything is said and done we will end up with more regulations in the financial and IT environments and we will need people to enforce and implement controls to comply with those. Law enforcement is completely overwhelmed with crime cases involving technology and they have no clue what to do. They are cops, not geeks. What we do takes a much more intelligent person then most professions. I don't see a bunch of people flooding the IT Security market because its not an easy job. I don't think my family will go hungry any time soon.