
RSA Conference: Security industry built on a haze of 'fog' and 'hype'


A panel of security experts at RSA Conference criticised their industry over its tendency to sensationalise and hype, taking attention away from truly important problems.

As well as the media, which had a tendency to sensationalise issues, criticism was reserved for companies that tried to focus attention on ‘cool’ areas such as Android malware instead of the business and enterprise problems that companies were actively trying to deal with.

Joshua Corman, director of security intelligence at Akamai, said: “I do think the fog and hype [in security] is a huge distraction. The job's hard enough to spot the right priorities. Just because something is sensational and headline grabbing doesn't mean it's the most important thing for you.”

He pointed out that there were more than 900 security conferences this year, and argued that there should be fewer but better ones.

He added: “I got irritated recently when I was on a conference board of directors, and 75 per cent of our submissions were on Android malware. Does this reflect the interest of the research community or that actually 75 per cent of the greatest risk was from Android malware?”

Gunter Ollman, vice president of research at Damballa, agreed, saying that Android malware, though interesting and important, wasn't really a major factor affecting businesses.

“It's interesting that one of the largest botnets that is still out there is still Conficker. Here is malware that is four and a half/five years old, compromising millions of devices, and we don't talk about it, that it's not even a threat anymore,” he said.

Brian Honan, CEO of BH Consulting, said that there was a tendency for the press and the security industry to hype and label certain things as more malicious than they are. He used DNSChanger as an example, which took over the DNS configurations of systems and pointed them to rogue ones. The FBI shut down the threat in July.

He said: “In the media you could see there was a whole lot of world is ending stories, claims millions of people would be disconnected from the internet. In reality between the work with the FBI, anti-virus companies, response teams and ISPs, infections had been reduced.”
