Now with APT detection and automated analysis to instantly identify cyber attacks!*
I’m fascinated by the continuously evolving hype-fest surrounding the latest “innovations” in security products. Not that our current methods couldn’t use some creative approaches, but the problem is that security leadership often gets dazzled by feature road maps that have as much substance as the wisps of smoke from a genie’s bottle. The media isn’t much help, often accepting the industry’s claims with little to no validation. Inevitably, organizations surrender to the glittering new toy, sinking their precious cash into something they thought would magically restore their faith in security. Then the harsh reality hits and they realize that the only impact the tool had was on their budget, failing to improve their security posture by even an angstrom. This is how organizations fail security kindergarten.
Most enterprises would be better served by investing in the ABCs of security: documentation, policy, procedures, and essential controls. I’m mystified by organizations that will invest over 500k in fancy breach detection systems, but won’t spend a dime on centralized log correlation. The sad truth is that the basics aren’t sexy. It’s hard to “sell” critical security controls such as account monitoring, data classification and handling standards when the news is filled with stories of China hacking health insurance companies. Maybe security professionals could make more of an impact by dropping the FUD and educating leadership about the necessity of having a solid foundation. Sprinkles are great, but they don’t mean much without a tasty doughnut underneath. Besides, sprinkles are for winners.
*An actual line from a security vendor’s web site.