Cyber defense faces a growing disconnect between perception and reality.
There are two main camps in the information security world today, and their arguments can be compared to the recent football debate as to whether Tim Tebow (photo below courtesy of Jeffrey Beall/Wikimedia Commons) can be successful as an NFL quarterback in the long term.
In one camp, we have salespeople, marketers, various security entrepreneurs and "experts" telling executive decision-makers that cybersecurity is straightforward, if you just do it their way. This is strikingly similar to sports pundits who insist that a quarterback with limited passing skills (i.e. Tebow) simply can't cut it against today's sophisticated NFL defenses.
In the other camp, we have self-described pragmatists who in practice often trudge cyber around like Eeyore the donkey, proclaiming that hackers with zero-day exploits not only can get into your systems, but in fact are already there, and will never leave. This group corresponds to Tebow's most ardent supporters. They've made their decision regarding Tebow, and their "he just wins and has a great attitude so ignore the rest" argument seems to trump other measures of success.
See more at: http://www.computerworld.com/s/article/9223132/Blind_spots_How_cyber_defense_is_like_stopping_Tim_Tebow?taxonomyId=17
I'm not a hacker or even a genius with a PC, merely interested in the 'growth industry' of cyber, or information, security and will share any stories and news items I find on the subject.
No comments:
Post a Comment