The conflict between Business and Security

The main purpose of business dpt. is to develop business and earn money.

The main purpose of Security dpt. is to secure the core business by spending money.

Every time business hopes low cost and easy use, while the security hopes secure enough no matter how trouble it takes.

Business always breaks rules while the security defines strict rules.

Business is the core of the company which earn money. Security is just the internal supporting which spend endless money without obvious profit.

So the high level managers like business and hate security. Without high level support, security lacks the power to fight with business. Without good security protection, business get affected in several security incidents. Company’s reputation becomes worse and the business goes down. So that less incoming money makes even worse security protection. Security incidents again and again… That’s the bad loop.

It is quite clear, the conflict or the gap can be fixed.

Business should understand the important of security and accept security’s advice.

Security should balance the security requirement VS. cost effect and try to make security methods easy to use.

One thought on “The conflict between Business and Security”

  1. Really a bad loop, but the important thing is to find the balance. It is not bad for the high level managers like business, otherwise, no income, no money can support the whole company. But I think they really know that Security is necessary, otherwise, there will be no security dept.
    So all they want is to find the balance, less money to do more…..

Leave a Reply

Your email address will not be published. Required fields are marked *