Security Controls You Won’t See in SP 800-53

Posted July 11th, 2007 by

Going back through my email makes me laugh.  As crazy as I probably seem to my blog readers, there are things that I can’t really share with the world.  This is not one of them, but it could be offensive to some people, so rest assured I’m joking, people.   =)

PS-9 Stalinistic Purge of the IT Department
Control:
The organization: (i) conducts periodic arrests and interrogations on any member of its staff deemed to have “significant security responsibility”; and (ii) asks personnel being interrogated to name three (3) of their accomplices.

Supplemental Guidance:
Geeks are like peasant-workers.  You have to intimidate them at periodic intervals so that they don’t think they can take over the business functions of your organization.

Control Enhancements:
(1) The organization establishes a “show trial” system to publicly humiliate personnel being interrogated as a deterrent to other personnel who might be considering challenging the management structure.
(2) The organization hoists the heads of those found guilty of “crimes against the organization” on a pike at the entrance to the organization’s headquarters or data center.

Low: PS-9  Moderate: PS-9(1)  High: PS-9(1)(2)



Posted in FISMA, The Guerilla CISO | 2 Comments »

2 Responses

  1.  Vlad the Impaler Says:

    Dude! You’re onto something! Care to take a whack at the rest of it?!

  2.  rybolov Says:

    All in due time, my evil friend.
