IT security rationalisation
The austerity program for ITSM without the pain
It is commonly accepted that ITSM operational costs grow 'naturally'. In other words, control and protection mechanisms tend to get layered on top of each other accumulating cost. With expensive skill investments and IT decision makers not wanting to write-off equipment that is not yet end of life, it comes as no surprise that security equipment and related processes, often remain in operation far longer than their sell-by-date.
Consequently, any new 'urgent' IT security requirement tends to get built on top of legacy thus layering on additional opex.