These can be tough problems, but they’re mostly not immune to making prudent leadership decisions and caring about the cause of concern. I’m good friends with one computer hacker who despite having extraordinary security chops and being a great person is, (I believe), mildly to moderately autistic, an alumnus of a no-name college in Texas, and generally terrible at perception management or professional networking.
To me, that sounds like a person who’s ill-suited to managing security practices at a company. Being good at security is about convincing other people to make design decisions that make their lives harder but that end up with a more secure architecture.
It’s useful to have people like this around to spot problems but it’s not enough. You need more to actually have an organization that gets their security decisions right.
I didn’t necessarily say a person like that would be a good pick for a CISO. I am just impressed that Tesla was able to find them and hire them for the technical position that they did. It suggests competence.
Then I don’t see how the example is relevant to the issue. The problem of Samsung isn’t that they don’t employ anyone who’s good at design. It’s that inside the organization it’s impossible to give those people who are good at design the power to shape how the final design looks like in a way that’s similar to Apple.
To me, that sounds like a person who’s ill-suited to managing security practices at a company. Being good at security is about convincing other people to make design decisions that make their lives harder but that end up with a more secure architecture.
It’s useful to have people like this around to spot problems but it’s not enough. You need more to actually have an organization that gets their security decisions right.
I didn’t necessarily say a person like that would be a good pick for a CISO. I am just impressed that Tesla was able to find them and hire them for the technical position that they did. It suggests competence.
Then I don’t see how the example is relevant to the issue. The problem of Samsung isn’t that they don’t employ anyone who’s good at design. It’s that inside the organization it’s impossible to give those people who are good at design the power to shape how the final design looks like in a way that’s similar to Apple.