Why is it so hard to properly build a security team? I’ve witnessed both failures of building a security team.
First was a case of more people but no tools. The team was extremely bored and created work to make themselves busy. Very few people seem to want to spend all day viewing logs in security. The group obsessed over big brother activities. Instead of worrying about security, they worried about employee behavior. I’m sure HR was happy, but the organization was by no means any more secure.
Second was more technology but no people. Technology was acquired and placed on the network. There weren’t people to properly implement or manage it. Sure, there are more firewalls on the network, but are they protecting anything? Not with any-any rules. Placing network sensors but ignoring the alerts doesn’t make the network any more secure.
Why is it so hard to get approval for people and technology? Every time I start hearing a company is amp’ing up their security presence, I have concern over what they are actually doing.