Comments: Stakeholders in Security

Stakeholders seems to me to be the jargon of the modern project manager. In general its the people one has to please to keep ones job. It suggest some kind of equity principle being applied to a process of security, when in fact the objective is to avert risk from the design and render secuirty an assumed risk of the end user. The perfect example of this is Microsoft. The company has released its source code to questionable entities and with held it from those that would use it to make the system more secure. Security is from the creators standpoint a risk to be avoided at all cost and assumed by the enduser.
There are no stakeholders, there are however those that have assumed a risk without the proper knowledge to apply it to the creators of the products they purchase. The great area of unknowing assumption of liability by consumers as it is pushed out the door. The unrealized expectations of users is a void waiting to be filled by a design of a creator who sees it. None have seen it because it is seen as a marketing event, and item that can be branded. Apple is suggesting it in their anti-Vista advertising and probably does have a good ethic behind their work. The stakeholder is not the end user since the risk of producing unsecure applications does not find a home in the stakeholder and is displaced to the enduser. This transfer will eventually become the epic of legal matters once the legal expertise exist to present this complex transfer of risk and produce a judgement that make gains against the malware that litters the world today. More lawyers are needed to present in a civil venue the complex nature of the this transfer.

Posted by JimN at February 7, 2007 06:32 PM

The term, like many, can be broadly used and overused, as well as abused. Obviously in those areas where consultants rampage and charge for the privilege, it is much trampled upon.

This means that it is easy for people who've been burnt by the consultants to blame the terms. Sad, but inevitable, those who wait for others to tell them what to do generally get burnt when someone ... tells them what to do.

Posted by Iang at February 8, 2007 01:59 PM

From a recent interview with Wendell Weeks, CEO of Corning:

"When you don't have very many long-term shareholders and you have a company that thinks in decades, that can create some tension between stakeholders, and what we have to do is balance that. We also have to run our company for the stakeholders of the future, as well as the stakeholders of the moment. We try to overcome that by being very transparent, so people know what it is they're buying into. We try to be very open about what our plans are. And we try to be very open about the risks of our model."

http://www.newsobserver.com/126/story/541231.html

Cheers,
Doug Ludy

Posted by Doug Ludy at February 9, 2007 11:14 AM

And there I was, always thinking that stakeholders are those specimen that generally like to hover in the vicinity, patiently waiting to plunge their (wooden) stake in when things don't go exactly as predicted.

See also sword of daemocles.

Posted by Saso at February 12, 2007 06:26 PM
Post a comment









Remember personal info?






Hit Preview to see your comment. 
MT::App::Comments=HASH(0x565491b4ab68) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.