You are here
Home > Opinion > Bull***t bingo

Bull***t bingo

I saw this announcement in my feed today:

Email and web filtering software vendor Mailguard is set to branch out into broader cybersecurity offerings, with the announcement of GlobalGuard, a new solution the company says will be powered by AI and blockchain. Mailguard chief executive Craig McDonald said GlobalGuard is a new …

List of keywords to put in any product announcement: Blockchain (tick), AI (tick), Machine Learning (no), Quantum something (no)…the list goes on. I’ve started to question the use of ‘AI’, ‘ML’ and other buzzwords in security products I come across because it’s often not an appropriate use of the technology. Worse, introducing an unneeded tech can lead to additional vulnerabilities.

We saw this with ‘Threat Intelligence’ and ‘Big Data’ being applied to basic SIEM platforms. There’s a place for these technologies, especially as a counter to the bad guys, but often they are just added to appear to meet the latest fashion.

A simple line of logic for the use of any security product goes like this:

  1. Define assets in terms of ‘what do I want to protect’
  2. Generate a list of appropriate controls which will mitigate the risks to your assets
  3. Implement appropriate people, process, and technology actions to manage your controls
  4. Continuously improve

For the technology, it’s not about which buzzwords (and don’t get me started on ‘GDPR compliance‘) but a much more simple:

  1. Does it do what I need now?
  2. Can it be supported?
  3. Will it evolve to do what I might want in future?

Rant over…

Peter Glock
Over 30 years of designing, building and managing telecoms and IT services. Primarily working with large enterprise and professional services businesses in Asia, North America, continental Europe and the UK. Information security professional, secret physics nerd.
https://brownglock.com

Similar Articles

Leave a Reply

Top
%d bloggers like this: