Investors Bank and Trust CSO Jeff Bardin wrote an interesting blog post in May about how companies "taken private" by private-equity firms were cutting back on audit and security staff now that they were no longer subject to Sarbanes-Oxley.
This got me thinking that perhaps the recent credit crunch might be good for us security people in a couple of ways. First of all, less credit means less cash available to finance these deals that endanger the security budget. More importantly though, businesses are going to be more attuned to how making risky business decisions can have far ranging effects, and before taking these decisions they should be more informed about how big those risks are. Heightened awareness of risk-reward principles can only be a good thing for a security guy who is able to talk about risks in business language, and draw parallels between what is happening in the marketplace with the way an organization takes decisions around security.