Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Why seeking perfection in security actually increases risk

Michael Santarcangelo | June 9, 2016
Lance James shares experience and insights on the often hidden risk of chasing perfection with steps security leaders can take to avoid common mistakes

Call me traditional, but the value of an in-person handshake doesn't change, no matter what field we are in. Solve problems together instead of selling one-way to a desperate organization trying to machine gun his way into solving the problems.

Stop telling your prospective client you will have that extra feature in 3 months for them just to sell to them. I personally have literally said to folks - "no, I can't sell this to you right now, it wouldn't be right and you're not ready for it. Here are the things you should do first before you come talk to us about this."

We are InfoSec professionals and we have a responsibility. We don't allow lemon cars, why would we allow ourselves to do that with technology or service that they either don't need, not ready for, or doesn't solve their problem?

Let's talk about the lemon market and threat intelligence. In a world of panic and crisis, we open ourselves to being vulnerable to a lemon market in our field. How many threat feeds actually can you tell me work for you - and how much percentage to you actually operationalize? And how many threat feeds does an enterprise organization have in their environment... let's not even add that cost up. Again a wide blanket approach to solve a problem because

  1. They may not completely understand how to solve the problem and
  2. They don't know how to determine if the problem is going to be solved by the vendor and
  3. How is the enterprise going to determine a quality threat intel service and guarantee consistency?

It's not like food, where you can tell if it's spoiled by looking at it. And the POC itself is expensive in time and how many times are we truly dedicated to our POC? And the fact that the vendor's client can't tell the difference between a peach or a lemon is going to cause the perverse incentives in this market today.

Quality takes time, and can be more expensive. Also costs... lemons start undercutting the peaches, and the lemons win... thus the dilution in the threat intelligence and security space in general and we are all still waiting on a superman, but we probably wouldn't know how to tell the difference anyway as everyone claims to be him. So stunts work temporarily, but what needs to be figured out is the actual problem you're solving and how much it truly should be invested in. If you don't have that answer as the organization shopping for security, then don't shop yet.

Another advantage to slowing down (and not showing off) is the ability to see more clearly. Why is that important?

 

Previous Page  1  2  3  4  5  6  Next Page 

Sign up for Computerworld eNewsletters.