Isn’t the proof in the pudding here?
The facts are in.
It’s pretty obvious this wasn’t one of the best software people.
This is a legitimate beef > IMO.
If I were a director, I’d be covering my posterior by appointing someone with a stellar education in the field, as well as a stellar resume in this specific specialty.
Her responsibility was to have a proficient security team and infrastructure. A brilliant geek isn’t necessarily the best individual for that role.
I hope not! Its bad enough when a little pudding spills on nice clean math homework....but that would really be too far.
while I understand your point, allow me to present the counter point that I always run into:
They are expensive (credentialed individuals)
Hardware is expensive
Process improvement is expensive.
It has been my experience that the main reason that cyber security programs do not get implemented is because the Sr leadership / board do not want to invest the time, effort or money.