Thread regarding AT&T layoffs

CSO ?

What’s your honest opinion of CSO?
Our team is getting hit with a lot of compliance work lately, and it’s starting to wear us down. With limited resources, it’s been tough to keep up. Just wondering what are your thoughts?

by
| 2204 views | | 16 replies (last ) | Reply
Post ID: @OP+1jqmgv1ya

16 replies (most recent on top)

The question is kind of a non-sequitur.

CSO churns out policies in response to what happens in the world. JS (or lapdog JL) say yeah great go go go. Same guys then ki-l programs x y and z that would close vulnerabilities in favor of a b and c. And then yell at employees who can't fix x y and z since everything costs money.

CSO is not good or bad. It's irrelevant, since it's real function is to provide legal cover so JS and JL can continue to collect their million$.

Basically when you are on the Titanic but you know a helicopter is coming for you, you have no need to worry about icebergs.

by
| | Reply
Post ID: @fd+1jqmgv1ya

How is the new security key different than rsa hard token we used to have?

by
| | Reply
Post ID: @ek+1jqmgv1ya

"You’re qualified to be on the board of directors"

Your implication is that there is inconsistency and contradiction, but you're reading a slew of opinions, not a single one.

The whole balancing act of security is in protecting the business, while also not hampering the business. We can be 100% efficient if we have no security, and we can be 100% secure if we unplug all the computers and servers. It's not an easy balance to strike, my opinion is just that on that balance scale, we're fighting efficiency too much.

by
| | Reply
Post ID: @e1+1jqmgv1ya

So y’all are complaining that cso didn’t prevent the business from dumping data into the cloud and getting it leaked. And you blame cso for getting in the way of business

You’re qualified to be on the board of directors /s

by
| | Reply
Post ID: @dv+1jqmgv1ya

Murray was surplused.

by
| | Reply
Post ID: @d9+1jqmgv1ya

Murray likes Secure Key!

by
| | Reply
Post ID: @d6+1jqmgv1ya

RTO and office surveillance should be the priority

by
| | Reply
Post ID: @ce+1jqmgv1ya

The two major security breaches where so much customer information was exposed tells you everything you need to know about CSO.

by
| | Reply
Post ID: @c8+1jqmgv1ya

As a developer, I feel like I'm bogged down

With cuts every day, it’s expected. They want you to burnout, so take it slow

by
| | Reply
Post ID: @b5+1jqmgv1ya

This new secure key su-ks ballz. It’s like traveling back in time. You telling me ATT wasn’t secure without these stupid things?

Btw I think the stickers all over the CSO areas with the VM virtual machine acronym with a circle around and and a slash through it are amusing. No VM’s permitted.

Great idea!

by
| | Reply
Post ID: @b2+1jqmgv1ya

As a developer, I feel like I'm bogged down, with half of my time spent fixing programs because of a new wave of security changes. It's frustrating. There's a balance between being secure and being productive, and I think we are erring on the side of security.

by
| | Reply
Post ID: @b0+1jqmgv1ya

It will get to a point where no one will want to develop apps our be responsible for apps. Other funny thing about CSO is how they can somehow protect GMs in non strategic locations. Our new CISO is not playing by the rules and has GMs randomly located in states where there is no hub.

by
| | Reply
Post ID: @az+1jqmgv1ya

All this compliance nonsense, is part of the deliberate plant to ratchet up excuses to cut people "for cause", simple as that. All AT&T is now is compliance dashboards passed down by management, they want to burn you because of some bs metric they dont even care what the metrics mean or are...

by
| | Reply
Post ID: @ax+1jqmgv1ya

“Secure key is just latest nonsense”

and no backup method to secure key - wtf happens if it breaks, inadvertently leave it home, other - several days out of work unless your location has a stockpile.

SMH

by
| | Reply
Post ID: @an+1jqmgv1ya

Secure key is just latest nonsense.

by
| | Reply
Post ID: @ah+1jqmgv1ya

They exist to make getting anything done too difficult to bother. Innovation cannot exist when our network data is treated like it is all nuke launch codes. All they do is make symbolic changes to be "more secure" that make everyone more miserable and have absolutely no protective value for customer data. We outsource the real data safeguarding to people in developing countries and expect them not to sell the data to criminals, then blame our domestic workforce and just add more layers of password BS and MFA nonsense to show we are "doing something about security."

by
| | Reply
Post ID: @a9+1jqmgv1ya

Post a reply

: