“vendors continue to delude customers by urging continued sales of useless products” and are “sowing confusion and creating much harm.” – McAfee co-founder John McAfee
Read this interesting article in it’s entirety on CSO Online from IDG:
“These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.” – Google researcher Tavis Ormand
Read the complete article on CBC News:
“The reality is that cybersecurity is a corrupt industry that needs bad guys to stay lucrative.”
Read the entire article on TNW:
Read more on SC Magazine:
“Some security providers may make unjustifiable claims about their products, whereas others may make legitimate claims and simply aren’t pursuing state-of-the-art security.” Read more in this article on datacenterjournal:
Password protection, facial recognition and access controls
-an article on helpnetsecurity.com sourced from hackers attending Blackhat USA 2017
- Password protected documents
- Face recognition
- Access Controls
- Network Firewalls
- Fingerprint Authentication
- The top five data security blind spots are unmanaged devices (61 percent), not-up-to-date systems, applications and programs (55 percent), mobile devices (36 percent), data at rest in the cloud (26 percent), and traditional on-premises security (20 percent)
- Password-protected documents (33 percent) were ranked as the least effective security tool, followed by facial recognition (19 percent)
- Facial recognition was rated as the worst tool six times more often than fingerprint authentication – an interesting insight in light of the new iPhone’s shift to face-recognition security
- Almost 60 percent of respondents ranked phishing as the number one method of data exfiltration, followed by malware and ransomware (27 percent)
- More than three quarters (83 percent) of respondents believe that hackers are motivated by the monetary value of stolen data, with ego and entertainment-value playing only a small role.
While most InfoSec products offered aren’t inherently useless, some may have little to no benefit in your unique environment. Often a costly “Point Solution” is completely overlapped by already existing technologies. Other times a product may excel at mitigating a particular type of attack, but if that same attack isn’t applicable to your organization, the benefit is the same as attempting to protect a desert oasis with a Naval Warship.
2020 InfoSec is dedicated to helping our clients save money through reduced spending on Under-Utilized, Non-Applicable or Overlapping Technologies
Our InfoSec Utilization Audit is developed specifically to identify the level of benefit technologies offer in YOUR unique environment.