Security "Bits"

Here's why IT is resistant to change

By Rich Campagna | July 25, 2014 at 9:00 AM

White digital padlock over circuit board ground"The project was going great until Infosec stepped in and stopped everything, citing a bunch of security issues." That was something we all used to hear. Now it's more like, "Infosec tried to stop the project due to security issues, so we went around them and did it anyway." In both cases, the cause is the same - someone or some team in IT resisting new projects for one reason or another. Sometimes those reasons are legitimate, but that's not always true.

One common reason that we push back is that some portion of our sense of self worth is tied to our career, and we make the mistake of associating our careers with specific technologies - those technologies that we "own" and that play such a large part in our day-to-day. I hear statements like, "I stood up and made the case for this with the CIO/CISO," or "I'm the MDM guy, it's what I have been doing for the last X years." Anything that disrupts that status quo can feel like a threat.  

Very few of us start out this way. Our higher education system focuses on the theoretical over the practical. The objective is to teach us how to solve problems, not how to use specific tools to solve problems. At some point, many of us forget that our true value to the organization is as problem solvers, not as technicians trained on a specific tool. 

In other words, our value isn't derived from being the "firewall admin." Our value is in our ability to assess risk and find the best combination of people, process and technology to mitigate that risk. Both the risks and the tools available change over time, so we must continue to evolve our skills to adapt to that change. You did it once when you became the "MDM guy" or the "firewall admin." If you realize that periodically, you will be called upon to change again (and again), your career and your value to the organization will be much stronger as a result. And disruption won't feel like a threat, it'll feel like an opportunity.




see all