They say no man is an island, but a lot of security pros get pretty dang close
9:00 AM -- Jim Burris works for a big third-party logistics company with a good-sized IT organization, but he works basically alone. His position is crucial to the organization, but nobody really knows what he does. (See Security Appliance Delivers for Kenco.)
In short, Jim is the typical one-man security team.
Here at Dark Reading, we do a lot of interviews with corporate IT departments, and it constantly amazes us how often the "enterprise security team" is actually just one guy. Even in some very large organizations, there is essentially one person choosing the key security technology, one person writing policy, and one person doing remediation when a breach occurs.
At Kenco Group Inc., Burris is the guy who gets the call at 3 a.m. when a new exploit from Russia turns up. He's the guy who implements security policy, the guy who chooses many of the key technologies that protect the company's data -- and the guy who hears the complaints when some end user can't remember his password.
It's amazing to us that in an environment like Kenco's, which blocks about 60,000 attacks a month, there isn't a little more help for a guy like Jim. But he's far from being outside the norm. In a world of hackers just itching to develop the next zero-day, many companies still choose to put the entire IT security function on the shoulders of just one person.
As we get ready for Thanksgiving, then, consider this our toast to the one-man shops like Jim's, where a single security person handles everything, from the business-critical to the ridiculous. It takes a special kind of person to handle that kind of pressure with savvy and a good humor. Any IT organization that has somebody like that to rely on should be truly thankful.
Happy Thanksgiving, Jim, and all the other single-person IT security teams out there. Hope you're not spending it alone.
Tim Wilson, Site Editor, Dark Reading