I saw this announcement in my feed today:
Email and web filtering software vendor Mailguard is set to branch out into broader cybersecurity offerings, with the announcement of GlobalGuard, a new solution the company says will be powered by AI and blockchain. Mailguard chief executive Craig McDonald said GlobalGuard is a new …
List of keywords to put in any product announcement: Blockchain (tick), AI (tick), Machine Learning (no), Quantum something (no)… the list goes on. I’ve started to question the use of ‘AI’, ‘ML’ and other buzzwords in security products I come across because it’s often not an appropriate use of the technology. Worse, introducing unneeded tech can lead to additional vulnerabilities.
We saw this with ‘Threat Intelligence’ and ‘Big Data’ being applied to basic SIEM platforms. There’s a place for these technologies, especially as a counter to the bad guys, but often they are added just to appear to follow the latest fashion.
A simple line of logic for the use of any security product goes like this:
- Define assets in terms of ‘what do I want to protect’
- Generate a list of appropriate controls which will mitigate the risks to your assets
- Implement appropriate people, process, and technology actions to manage your controls
- Continuously improve
For the technology, it’s not about which buzzwords it carries (and don’t get me started on ‘GDPR compliance’) but a much simpler set of questions:
- Does it do what I need now?
- Can it be supported?
- Will it evolve to do what I might want in future?