|
The IT world is overpopulated with folks whom I (as a 7 time CIO) call professionally Paranoid. They are partly driven by a fear of hacking attacks against what is usually very poorly designed networks, partly driven by an unfounded fear that any data stored in computer servers is to be protected at all costs whereas the reality is that if it was stolen by the competition it would set them back 10 years and lastly driven by a desire to be important and puffed up "pigeon style".
Most of them generally do not subscribe to the balanced risk model where businessmen take measured and reasonable risks as a tradeoff against benefits in other areas. They are not wired that way.
In my last CIO gig I had a vociferous debate with the security team as to why my bank only needed a 6 character password with one special character, yet they were advocating a 12 digit password. They could not explain why I could get a mortgage or move money with 6 character protection whereas the company's email drivel required 12....
There are now new people in that role....
Dennis
|