Two VPs within CSO announced either retirement or leaving the business on less than 3 days' notice. Something fishy is going on with the higher-ups for those making $350,000+ to walk with 3 days' notice.
20 replies (most recent on top)
OMG you people have no clue, first the "And everyone knows that CSO had to outsource the operations to AT&T Cybersecurity." The part of the Cybersecurity team that supports operations was the old Manage Security Services team that has been doing this since around 2000. They do not support internal security they support customer security for Firewalls, Intrusion detection, etc... As to the Certificate issue, CSO has architectural responsibility for the security platforms maybe even operational in some cases but application owners are responsible to manage there certificates not CSO unless it was a CSO application that caused the outage which it was not. So if the outage was cause by Astra as an example, then CSO would be at fault. Obviously Astra did not play any role in this, I am using it as an example because most people should know what that platform is and what it does...
"Um, no, app or system owners mange their own certificates using KeyFactor, CSO has nothing to do with certificate management directly"
Agree with the above. One of the VPs was head of the IAM group and had nothing to do with the systems involved in the outage. And CSO doesn't run the operations teams that manage certificates. It was definitely a gutting, but I don't believe it was related to the outage.
CSO does cause the outage though. They managed the use of the certificates that expired.
Um, no, app or system owners mange their own certificates using KeyFactor, CSO has nothing to do with certificate management directly
Definitely sounds like they were targeted as scape goats. Both VPs, one woman, one man so they can't claim discrimination. Really quit on the reasons and nobody gets what the chief security office has to do with the network outage if you "believe" the reports for the reason.
“2/3 of the CSO VPs are out with a three day notice. How is that not gutted?”
This is called a good start.
CEO does cause the outage though. They managed the use of the certificates that expired.
And everyone knows that CSO had to outsource the operations to AT&T Cybersecurity. No one would buy it if we weren't using it ourselves. It was a huge problem until 2021.
Gutted? Not sure I would agree.
2/3 of the CSO VPs are out with a three day notice. How is that not gutted?
40% of CSO VPs are gone by the end of the week. That would be gutted.
Gutted? Not sure I would agree.
Maybe went to Frontier.
Once again AT&T cybersecurity is part of ABS and not internal CSO. The cybersecurity unit within AT&T business was selling managed security products to business customers. CSO is for internal cybersecurity. Below is wrong info for CSO:
“Company is being sold to private equity.”
Who is leaving? Is it announced in internal company websites?
Paid to leave.
Mind your business. COBC violation
https://www.youtube.com/watch?v=afhMMcAHlKw&t=55s
Company is being sold to private equity.
T helped them realize they were in a different station of life.
I made the decision to let them go
Mind your business. COBC violation
Probably got hired by a competitor or similar segment provider, and need to exit quickly.
Certain relationships with certain accounts or partners can be far more valuable than some job or leadership skill sets.
Outage scapegoats would be my guess.