How Secure Is Cyber Security?
July 27, 2022
I have noted that cyber security companies invite me to webinars, briefings, conferences, and telephone calls. The subject of these calls is usually advanced, next-generation, proactive, smart, and intelligent cyber security solutions. The idea is that I will mention these firms in my lectures to law enforcement, crime analysts, and intelligence professionals. I sit through some. One outfit offers weekly seven to 10 minute reports about some new, absolutely horrible cyber threat. Others want me to join a Zoom to watch a series of PowerPoint slides showing how the latest Zero Day will make life miserable for companies without their cloud-based security system.
I then read item after item about a new variant of a RAT, an exploit taking advantage of the Swiss cheese of enterprise software, or some new dump of personal financial data on a Dark Web site selling fulz. It seems to me as if the cyber security sector is better at marketing than delivering cyber security. That’s just my opinion, and I usually don’t make a big deal of the veggie burgers being sold as 100 percent prime sirloin.
I read “Digital Security Giant Entrust Breached by Ransomware Gang.” The article does little to make me feel warm and fuzzy about cyber security systems and their vendors. I learned:
Digital security giant Entrust has confirmed that it suffered a cyber attack where threat actors breached their network and stole data from internal systems.
Who are the customers of this “digital security giant”? The write up reported:
This includes US government agencies, such as the Department of Energy, Department of Homeland Security, the Department of the Treasury, the Department of Health & Human Services, the Department of Veterans Affairs, the Department of Agriculture, and many more.
Great. How effective are those whiz bang cyber security systems?
Yeah. I think I know the answer. Marketing is easier than delivering cyber security that works.
Stephen E Arnold, July 27, 2022