January 10, 2019 at 2:52 pm #170063Cathy UllmanParticipant
How many times have you read marketing propaganda for information security products that includes slogans that sound like the following?
- “Find out what’s lurking inside your system.”
- “With network security, if you’re not ahead of the threat, you’re cleaning up behind it.”
- “Your system could be infected right now.”
The difference between the first and the last example is a time span of almost thirty years, yet the tactics haven’t changed. Underlying all of these slogans is a theme of fear. Fear has been a prevalent marketing strategy in the personal computer industry since its inception. Ultimately, this fear is at least partially what gave rise to the information security industry as we know it today, and it’s exactly that same fear we must now continuously battle in order to actually build a more secure environment. Companies are so fearful of being breached, that they are constantly looking for a quick and easy fix to solve all of their information security woes. And if companies are so fearful, vendors as well as those in security have an entry point into the boardroom or the manager’s budget. Enter Cyber Security FUD.
[See the full article at: Cyber Security FUD – Fear and the Growth of the InfoSec Industry]
January 11, 2019 at 8:58 am #170067Michael J. ConwayParticipant
I love this article and it goes nicely with what I have experienced over the last decade that I have actively worked in InfoSec. What I find amazing is that we really don’t do basics well. We still think of our networks in terms of the old castle analogy. The firewall is the drawbridge to get into the castle and we thing that building a better wall is the way to defend. Yet, we learned time and time again that the castle is not that easy to defend and once cannons came along, became undefendable. In this age of InfoSec, we are once again facing cannons in the form of APT and uneducated users as well as the age old problem of saboteurs, the insider threat.
Is all hope then lost? I don’t think so. I think we can learn a lot from the world of physical security and the military doctrine of defense in depth. And that takes us back to the basics. We don’t leave our homes or our car doors unlocked. There is hope but there is no silver bullet. Thanks for the article.
You must be logged in to reply to this topic.