
Unfortunately, so much of security entails working around the technology you have, rather than implementing the best policies that make sense to everyone. At most companies, IT security is a cost center, so executives will only spend enough money to just pass the yearly audit and then stop. Which means a security operations center (SOC) that should be staffed with ten people gets by with just two. And making an upgrade to your SIEM's license got cut this year, which means you need to store fewer logs, which means those two people have less data to work from. And the company is still using McAfee EPO because more modern endpoint solutions cost too much, so malware is running rampant across the network.

In another reply I talked about my experience working as an infosec analyst at a company where we had to implement a policy against streaming media because our security monitoring tools could not handle the constant stream of data. That policy wasn't written because streaming media is inherently dangerous; it was written because the technology the IT security team had was not capable of monitoring the network when a bunch of people were streaming music on the corporate network.

Ultimately, IT security is a racket of overpriced and outdated tools, which forces CISOs to make decisions like that. If anyone is looking for an industry to disrupt, look at infosec. A startup could easily double the value of the software and still be able to cut the cost in half, and they would just absolutely destroy the big vendors. And/or get a billion dollar exit when Cisco or Amazon buys you out.


