RSA Conference: Security industry built on a haze of 'fog' and 'hype'

Share this article:
RSA Conference: Security industry built on a haze of 'fog' and 'hype'
RSA Conference: Security industry built on a haze of 'fog' and 'hype'

A panel of security experts at RSA Conference criticised their industry over its tendency to sensationalise and hype, taking attention away from truly important problems.

As well as the media that had a tendency to sensationalise issues, criticism was also reserved for companies that tried to focus attention on areas such as Android malware that was ‘cool', instead of business and enterprise problems that companies were actively trying to deal with.

Joshua Corman, director of security intelligence at Akamai, said: “I do think the fog and hype [in security] is a huge distraction. The job's hard enough to spot the right priorities. Just because something is sensational and headline grabbing doesn't mean it's the most important thing for you.”

He pointed out that there were more than 900 security conferences this year, and argued that there should be fewer but better ones.

He added: “I got irritated recently when I was on a conference board of directors, and 75 per cent of our submissions were on Android malware. Does this reflect the interest of the research community or that actually 75 per cent of the greatest risk was from Android malware?”

Gunter Ollman, vice president of research at Damballa, agreed, saying that Android malware, though interesting and important, wasn't a really major factor affecting businesses. 

“It's interesting that one of the largest botnets that is still out there is still Conficker. Here is malware that is four and half/ five years old, compromising millions of devices, and we don't talk about it, that it's not even a threat anymore,” he said.

Brian Honan, CEO of BH Consulting, said that there was a tendency for press and the security industry to hype and label certain things as more malicious then they are. He used DNSChanger as an example, which took over the DNS configurations of systems and pointed them to rogue ones. The FBI shut down the threat in July.

He said: “In the media you could see there was a whole lot of world is ending stories, claims millions of people would be disconnected from the internet. In reality between the work with the FBI, anti-virus companies, response teams and ISPs, infections had been reduced.”

Share this article:

SC webcasts on demand

This is how to secure data in the cloud

Exclusive video webcast & Q&A sponsored by Vormetric

As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.

View the webcast here to find out more