Thread regarding PepsiCo Inc. (Pepsi) layoffs

Layoffs abound, InfoSec still bloated and hiring more

In the midst of yet another round of layoffs, we have the continual growth of one of the most over-funded and worthless organizations in the company - Information Security. They just announced the hiring of a VP and Deputy Chief Information Security Officer from outside the company and are constantly hiring new L10 and L11 positions like "threat hunter" or crazy names that make it sound like we're the NSA over here.

The most ridiculous part of the org is that they don't own anything. They set policy and then leave it up to everyone else to enforce. They don't even monitor whether their policy is being enforced. In reality, Information Security is waaaaay overfunded, misguided, and staffed with a bunch of inept paper pushers.

So when people are given the boot in the coming weeks, don't be shocked if some of those dollars are reallocated to some cutting edge initiative that allows a contractor to sit in a "Fusion Center" and watch a bunch of TVs while writing a policy standard that will be shelved and never enforced.

by Anonymous
| 3021 views | | 7 replies (last February 19, 2019) | Reply
Post ID: @OP+XwI1A41
Comment! It's anonymous!

7 replies (most recent on top)

Come on now. Info security is critical! We all know the Chinese and Russians are trying to hack into our systems to learn the formulas behind our dying soft drink businesses.

by Anonymous
| | Reply
Post ID: @bfcl+XwI1A41

@XwI1A41-box agreed 100% on the lack of centralized strategy. Perfect example is the great decision to start 2019 AOP projects and then after the new year approve an infrastructure upgrade resulting in 5+ week project delays and $ lost to retain teams or drop and resume projects. Unbelievable.

by Anonymous
| | Reply
Post ID: @bzpp+XwI1A41

I think InfoSec's inability to enforce its own policy speaks more to PepsiCo's horrendous governance rather than a shot at the function. This isn't limited to security--PepsiCo just doesn't have a centralized IT strategy. We can only do what the business tells us to do, and the results are that things cost more and take longer.

by Anonymous
| | Reply
Post ID: @blxx+XwI1A41

...or you could just go join them. Cyber is the IT industry's hottest thing.

by GoneButNotForgotten
| | Reply
Post ID: @4qzw+XwI1A41

They are about as effective as the TSA. It's all theater.

They will spend multi-million dollars on technical security solutions but then leave the back door unlocked because it's not within scope, or it's legacy, or any number of other reasons

by Anonymous
| | Reply
Post ID: @3rmq+XwI1A41

I thin Jody Davids, CIO SuperPac approves this message

by Anonymous
| | Reply
Post ID: @1mcv+XwI1A41

What happens if there is a security issue? The CIO gets the axe. If I was the CIO InfoSec would be the most bloated group in the org. Everything else can be justified (e.g., how many projects are slipping???) but a f---up on the security side will get you fired.

I could care less how many people work there, I am not affiliated with any of them, I am just saying it makes sense to overstaff there.

by Anonymous
| | Reply
Post ID: @1opa+XwI1A41

Post a reply

: