checkliStS anD StanDarDS evangeliStS 57
holes—but generally, operations teams cannot be expected to know
enough about security to eciently meet the challenges in security by
themselves (I will talk about this point in more detail in Chapter 4).
Network operations sta told me they learned a great deal from the
security program, and from that point on, whenever they were planning
changes in infrastructure, they would come to security rather than the
usual situation wherein security has to chase other teams, who over the
years had become experts in security department evasion tactics.
IT operations were at rst a very dicult team to deal with mainly
because there was a mistrust that came from several years of security
teams just blocking ...