Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
I think there's multiple reasons for this. Bureaucracy is one, not seeing the need is one, putting other priorities higher...
Whether you agree on this security point or not, fact is that the amount of attacks and malware strains keeps rising daily so whether you care about security or not is irrelevant; if you don't give it thought, the chance of getting compromised is very much higher. -
whiskey08854y@linuxxx that’s my point. You’re more considered about the processes of producing what the stakeholder wants rather then producing what actually matters. What actually protects the organisation. Bureaucracy is the problem. Rather than fighting the stakeholder in the interest of preserving their safety - you succumb to deadlines and requirements. All a form of bureaucracy. Perhaps the agile philosophy isn’t what the industry needs. Perhaps agile promotes getting stuff done as quickly as possible and agile is precisely why security has become a “relaxed” affair.
-
@whiskey0 Yeah i mostly agree, just don't agree that bureaucracy is the problem by default. Not enough awareness doesn't have to have anything to do with bureaucracy, per se. (for example)
Related Rants
Security starts as soon as the project starts. Every decision you make needs to be one that considers whether you will compromise on security - but human beings fail to do this for one reason - bureaucracy.
rant
bureaucracy
security
itsec
infosec