They say no man is an island, but a lot of security pros get pretty dang close
9:00 AM -- Jim Burris works for a big third-party logistics company with a good-sized IT organization, but he works basically alone. His position is crucial to the organization, but nobody really knows what he does. (See Security Appliance Delivers for Kenco.)
In short, Jim is the typical one-man security team.
Here at Dark Reading, we do a lot of interviews with corporate IT departments, and it constantly amazes us how often the "enterprise security team" is actually just one guy. Even in some very large organizations, there is essentially one person choosing the key security technology, one person writing policy, and one person doing remediation when a breach occurs.
At Kenco Group Inc., Burris is the guy who gets the call at 3 a.m. when a new exploit from Russia turns up. He's the guy who implements security policy, the guy who chooses many of the key technologies that protect the company's data -- and the guy who hears the complaints when some end user can't remember his password.
It's amazing to us that in an environment like Kenco's, which blocks about 60,000 attacks a month, there isn't a little more help for a guy like Jim. But he's far from being outside the norm. In a world of hackers just itching to develop the next zero-day, many companies still choose to put the entire IT security function on the shoulders of just one person.
As we get ready for Thanksgiving, then, consider this our toast to the one-man shops like Jim's, where a single security person handles everything, from the business-critical to the ridiculous. It takes a special kind of person to handle that kind of pressure with savvy and a good humor. Any IT organization that has somebody like that to rely on should be truly thankful.
Happy Thanksgiving, Jim, and all the other single-person IT security teams out there. Hope you're not spending it alone.
— Tim Wilson, Site Editor, Dark Reading
About the Author(s)
You May Also Like
The fuel in the new AI race: Data
April 23, 2024Securing Code in the Age of AI
April 24, 2024Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024