The Societe Generale report

Societe Generale (and their auditing partner PricewaterhouseCoopers) has announced the results of their investigation into how Jerome Kerviel managed to lose US$7B. Conveniently, their release came out at the same time as my article about security lessons learned appeared in IEEE Security and Privacy.

Dark Reading has a good summary of the Societe Generale report. It's nice to know that my article (which I wasn't paid for) comes to largely the same conclusions as PWC, which probably got paid US$1M or so. Of course, any competent security specialist could have figured out most of the probable causes - the only thing that I didn't know is how many of them were the actual causes, and for that the PWC report is worth reading.

How long between switching jobs?

When I graduated college, I went to work for Bell Labs. Three years later I quit - and my father-in-law was aghast that I'd leave a job with a major corporation. In his generation, you worked for one company your whole career. I've now been in the workforce 25+ years, and worked for eight companies, including 8+ years with my current employer. The early years, where I switched every 2-3 years, were a mixed blessing - gave me a view of different organizations and helped increase my salary, but I think I made a mistake in not looking for jobs inside the organization before looking outside.

Anyway, I was amused by this requirement in a VP sales job posting sent to me recently: "Job tenure of not more than 3 jobs within the last 5 years proving you have staying power. " Wow. By that standard, I could have worked for nearly 20 companies so far! (Yes, I know that longevity for sales people is different from technical people, but calling that "staying power" was amusing.)