Security

CEO arranged his own cybersecurity, with predictable results

Cleaning up after hackers is easy compared to surviving the politics of consultancy


On Call It’s the last Friday of 2023, but because the need for tech support never goes away neither does On Call, The Register’s Friday column in which readers share their tales of being asked to fix the unfeasible, in circumstances that are often indefensible.

This week, meet a reader we will Regomize as “Jack” who told us he was a consultant/client liaison for a managed security services provider (MSSP) that worked with an African banking outfit.

“We provided a lot of services after they were penetrated by a state actor”, Jack told On Call, adding that this incident sparked a “panic purchase” of defensive tools and the know-how to run ‘em.

Jack rated the bank's CEO as “possibly happy with our service but not happy with the cost.”

That attitude led to some robust exchanges between Jack’s boss and the bank CEO regarding the value of professional infosec services.

While the two CEOs were butting heads, Jack’s job involved monitoring a WhatsApp group used as an incident management tool.

And one Saturday evening, that group lit up.

Someone was on the network! Which was bad news in and of itself but also, perhaps, proof that Jack’s outfit was indeed a waste of money.

Working with the bank’s staff, Jack triaged the incident. All involved soon concluded the intruder was inside the bank’s building. Further examination suggested the intruder was in fact on the floor that housed the CEO’s office … indeed, in that exact office!

“It turned out the CEO had used their favorite cybersecurity provider to do an unannounced test,” Jack told On Call.

Jack’s CEO protested strongly, which did wonders for the already-strained boss-to-boss relationship because the bank promptly conducted a formal assessment of the MSSP’s work. In his mail to On Call, Jack described that experience as “like meeting an unhappy proctologist” and lamented that it was four long months before the relationship returned to a viable footing.

Have your clients worked against you and caused tech support troubles? If so, click here to send On Call an email so we can tell your story some time in 2024. ®

Send us news
128 Comments

I told Halle Berry where to go during a programming gig in LA

Five-star techies share stories of working from the lap of luxury

Computer sprinkled with exotic chemicals produced super-problems, not super-powers

The machine was so dead, hospital staff treated it like a corpse

Bad vibrations left techie shaken up during overnight database rebuild

Slow and steady wins the race, but sometimes flooring it saves the day

I can fix this PC, boss, but I’ll need to play games for hours to do it

Loyal Wingman has fond memories of memory register exceptions

Help! My mouse climbed a wall and now it doesn't work right

Support chap learns users will try to solve problems in non-obvious ways

Your trainee just took down our business and has no idea how or why

Oh, to have been a fly on the wall in the debrief meeting

Support contract required techie to lounge around in a $5,000/night hotel room

And be paid danger money while he did it

Techie saved the day and was then criticized for the fix

You can prove them wrong, but they'll still get you on a non-technicality

Do not touch that computer. Not even while wearing gloves. It is a biohazard

PLUS: Dodging rats the size of cats while repairing chewed-through cabling

Ad agency boss owned two Ferraris but wouldn't buy a real server

Resulting cycle of rushed repairs and recriminations did wonders for the IT/user relationship

What's brown and sticky and broke this PC?

Nothing, according to its user. But the techie who tried to fix it found a sweet solution

They call me 'Growler'. I don't like you. Let's discuss your pay cut

Tough guy act was flimsy: our readers fleeced him, then dropped him in it