Skip to content

What Cyber Security Is Not

I feel like the first 2016 presidential debate should have been experienced over breakfast at a Waffle House. After having used a time machine to travel back to the mid-1980s. With bacon.

Because then I could have pretended that the cybersecurity discussion was just a couple of excited pensioners at a neighboring table who had good intentions but not a lot of clue: “my son is good at the computers“; “it’s probably those dastardly Russians!

It would have fit right into the atmosphere and been almost charming. It would not have been what it actually was: alarming.

The computer genius 10-year-old aside (is he available for an internship? we are hiring!), the reality of security that companies need to care about is neither basement-dwelling thrill hackers nor state actors. This is a false dichotomy that insults and misleads everyone in order to sell expensive security shovelware toolkits that address non-existent issues. Yes, I’m afraid that I have bad news: your Splunk instance is not really going to stop GCHQ.
Continue Reading →