Comment by nostrademons
1 day ago
Somehow I think that the weak link in our government security is at the top - the President, his cabinet, and various heads of agencies. Because nobody questions what they're allowed to do, and so they're exempt from various common-sense security protocols. We already saw some pretty egregious security breaches from Pete Hegseth.
That's also the case in businesses. No one denies the CEO a security exemption.
Why would you? He’s literally the only person ostensibly in charge of the direction of the company. Destroying the company through a security exemption or a bad business deal - both are the leader making a poor decision due directly to his seat of power.
Give sound advice of course, but ultimately it’s the exec’s decision make.
There are many reasons to deny a CEO ... in a good company structure such denials are circled back around to the board for review.
Case in point: Allowing a CEO with no flight training to "have the keys" to the company <rare, expensive, uniquely outfitted, airframe> because they want to take it for a spin.
Sheparding Royalty in Monarchies has been a neccessary, delicate, loaded, and life threatening role for centuries.
Being a C-suite Groom of the Stool isn't a happy job, but somebody has to do it.
3 replies →
I have never worked in a company where an obviously incorrect CEO-demanded security exemption (like this one) would have been allowed to pass. Professionalism, boards (with a mandatory employee member/representative, after some size) and ethics exist.
30 years in about 8 software companies, Northern Europe. Often startups. Between 4 to 600 people. When they grow large the work often turns boring, so it's time to find something smaller again.
Ah, Northern Europe is probably the difference. This passes all the time in the US. It's probably more common in non-tech companies, as well.
1 reply →
CTO at a successfull cybersecurity startup I worked at long ago was exempt from critical security updates. She refused to restart her computer out of fear for her Excel state.
I used to work devops for a startup. The _only_ person who was exempted from 2-factor auth was the CEO. It's the perfect storm: a tech illiterate person with access to everything and the authority to exclude himself from anything he finds inconvenient.
>I have never worked in a company where an obviously incorrect CEO-demanded security exemption (like this one) would have been allowed to pass
You don't have worked in enough companies then.
Just for the sake of argument, you think anybody would have denied Jobs or Bezos or Musk one?
1 reply →
The phrase ‘Don’t you know who I am?’ Will be taken differently depending on corporate culture.
Been there. The CEO of an internet security company was the one who clicked on the wrong email attachment and turned a virus loose.
I mean, I don't know if he had a security exemption, or if anyone who clicked on it would have infected us. But he was the weak link, at least in that instance.
Hah no, weak links are everywhere at all levels. The stories just don't generate revenue for news companies.
A fish rots from the head back.
whether he is personally and directly responsible for this specific incident, his leadership absolutely sets the tone for the rest of the federal government.
[flagged]
It goes back long before the current regime. People may remember a certain cabinet secretary who ran her own exchange server in the basement.
It’s always fascinating how massive corruption is “whatabout”’d because someone years ago did something stupid.
Do you mean now, or then?
Bad is still bad, no matter what the party doing it.
[flagged]
Humans generally find "food safety expert sickens guests with tuna salad he left out overnight on warm countertop" to be a far more damning charge than "fire safety expert sickens ... warm countertop".
Dig up a live mic catching Hillary calling the IOC a bunch of self-serving scum just as Obama was begging them to award the 2016 Olympics to Chicago, and we might call it comparable.