Re:out of control IT guys (Score 1)

"Security is secondary". Okay. How about in the banking world? How about securing a nuclear deterrent? Your generalization goes too far. IT's direct responsibility is as a business enabler. Users are one extremely important part of that, but business requirements vary by industry and project. In many sectors, security requirements are a business requirement, stipulated by customer, regulation, industry standard, or funding source. In these cases security is the prerequisite to the business. Without security, no business, no users. Example: If the lab in question receives grants, or works with human subjects or their data, they must handle the data according to grant or NIH stipulations, or risk losing their funding.