vendors continue to delude customers by urging continued sales of useless products” and are “sowing confusion and creating much harm.” – McAfee co-founder John McAfee

Read this interesting article in it’s entirety on CSO Online from IDG:

Are InfoSec vendors ‘sowing confusion’ and selling ‘useless’ products?

These vulnerabilities are as bad as it gets. They don’t require any user interaction, they affect the default configuration, and the software runs at the highest privilege levels possible.” – Google researcher Tavis Ormand

Read the complete article on CBC News:

Antivirus software is ‘increasingly useless’ and may make your computer less safe

The reality is that cybersecurity is a corrupt industry that needs bad guys to stay lucrative.”

Read the entire article on TNW:

The cybersecurity industry’s billion dollar scam

Infosec is an industry that wastes billions of dollars on firewalls and policing network perimeters, things that “make us feel safe” but don’t address real problems.” – RSA president Amit Yoran

Read more on SC Magazine:

Cyber-security industry is “fundamentally broken”, 

Some security providers may make unjustifiable claims about their products, whereas others may make legitimate claims and simply aren’t pursuing state-of-the-art security.” Read more in this article on datacenterjournal:

IS CYBERSECURITY A SCAM?

The three least effective enterprise security measures

Password protection, facial recognition and access controls

-an article on helpnetsecurity.com sourced from hackers attending Blackhat USA 2017

The List:

  1. Password protected documents
  2. Face recognition
  3. Access Controls
  4. MDM
  5. Network Firewalls
  6. Other
  7. Fingerprint Authentication

 

Key findings

  • The top five data security blind spots are unmanaged devices (61 percent), not-up-to-date systems, applications and programs (55 percent), mobile devices (36 percent), data at rest in the cloud (26 percent), and traditional on-premises security (20 percent)
  • Password-protected documents (33 percent) were ranked as the least effective security tool, followed by facial recognition (19 percent)
  • Facial recognition was rated as the worst tool six times more often than fingerprint authentication – an interesting insight in light of the new iPhone’s shift to face-recognition security
  • Almost 60 percent of respondents ranked phishing as the number one method of data exfiltration, followed by malware and ransomware (27 percent)
  • More than three quarters (83 percent) of respondents believe that hackers are motivated by the monetary value of stolen data, with ego and entertainment-value playing only a small role.

Non Applicable Cyber Security

While most InfoSec products offered aren’t inherently useless, some may have little to no benefit in your unique environment. Often a costly “Point Solution” is completely overlapped by already existing technologies. Other times a product may excel at mitigating a particular type of attack, but if that same attack isn’t applicable to your organization, the benefit is the same as attempting to protect a desert oasis with a Naval Warship.

 

InfoSec Redundancy Audit
InfoSec Utilization Audit

2020 InfoSec is dedicated to helping our clients save money through reduced spending on Under-Utilized, Non-Applicable or Overlapping Technologies

Our InfoSec Utilization Audit is developed specifically to identify the level of benefit technologies offer in YOUR unique environment.