Despite Acronyms, Ineffective Cyber Security Persists

May 7, 2021

I want to be brief. I read “XDR defined: Giving Meaning to Extended Detection and Response.” The write-up is a commercial for a forthcoming flurry of fuzzy reports from assorted mid-tier consultants. Some of the big blue chips are embroiled in management dust-ups and legal matters related to opiate marketing. So the mid-tier crowd has a chance to sell reports and billable consulting hours. Furthermore, some vendors of cyber security products and services will rush to the party.

The article is about the outfit doing business as Forrester. I learned:

Forrester has released research on what XDR is, what XDR isn’t, and what clients need to look for when evaluating XDR solutions. This research is a rigorous breakdown of what to expect from XDR solutions based on interviews and survey results from XDR end users and over 40 security vendors.

Well, what is XDR in the current environment of SolarWinds, Microsoft Exchange Server, and assorted breaches involving Facebook and dozens of other outfits? XDR is shorthand for extended detection and response.

The hitch in the git-along is that cyber breaches are a today problem. Presumably many firms have one, two or three cyber security solutions, threat intelligence updates, and smart software like the high-profile, yet debate-sparking Darktrace.

From my point of view, existing cyber security solutions did not work for the months which the bad actors had to exploit SolarWinds. Then the Microsoft Exchange Server issue. These have been followed by VPN exploits, wonky partners with ties to ever-cozy bears, and assorted database thefts.

The fix is an acronym and a report?

I don’t want to be skeptical, but the problem is that marketing is now more important than delivering cyber security information and solutions that prevent breaches. As a point of fact, systems in the US Federal government and an unknown number of organizations are now compromised. Do we have a cyber security system capable of dealing with the sophisticated exploits used by adversaries?

The answer is, No, not XDR.

Stephen E Arnold, May 7, 2021

