They say if you drop a frog in a pot of boiling water, it will, of course, frantically try to clamber out. But if you place it gently in a pot of tepid water and turn the heat on low, it will float there quite placidly. As you turn up the heat, the frog will sink into a tranquil stupor and before long, with a smile on its face, it will unresistingly allow itself to be boiled to death. The security industry is much like that frog; completely and uncontrollably in disarray – yet we tolerate it since we are used to it.
It is time to admit what many security professionals already know: We, as security professionals, are drastically failing ourselves, our community, and the people we are meant to protect. Too many of our security layers of defense are broken. Security professionals are enjoying a surge in business and growing salaries and that is why we tolerate the dismal situation we are facing. Yet it is our mandate, first and foremost, to protect.
The ramifications of our failure are immense. The success of the Internet and the global economy relies on trust and security. Billions of dollars of ecommerce opportunities are being lost due to inadequate security. A recent survey of U.S. adults revealed that three times the number of respondents believed they were more likely to be victimized in an online attack than a physical crime. A recent Gartner survey indicated that 14% of those who had banked online had stopped because of security concerns, and 30% had altered their usage. People are simply losing trust in the internet.
The security community is not just failing in one specific way – it is failing across multiple categories.
It is being out innovated.
It is losing the digital battle over cyberspace.
Click here to read the full article.
108 Responses to “Security Absurdity.”