Vendors will try to scare you to death to sell you their products. Don’t fall for it, says an IBM vendor who sells security systems to military groups.
At the Hot Topics in Tech track at ITEXPO in Fort Lauderdale yesterday, IBM security evangelist Westley McDuffie invoked Dwight Eisenhower when he told the assembled crowd that the desire to achieve absolute security might very well bankrupt your company.
“I preach the gospel of security,” McDuffie says. He works with nations and governments, rather than corporations and businesses. “The difference is, if you mess with my clients, they can kill you.”
McDuffie used statistics to reinforce his claim that vendors will sell you what you don’t need. He says 75% of security threats can be attributed to internal attacks. But he notes that most of those internal issues are the result of carelessness, rather than an attempted attack.
He says less than 1% of security issues arise from targeted attacks. Vendors still try to sell you on protection against zero-day, which accounts for less than 0.1% of security issues.
McDuffie offered a few military-type tips for improving your IT security without breaking the bank:
McDuffie stressed that proper security involves applying the proper procedures, over and over. “Security is something you do, not something you have,” he says.
It doesn’t help to let fear rule your decision making. “Fear, uncertainty and doubt run rampant in the world,” he says.
Don’t let vendors sell you the “Swiss knife” solution, or the magic bullet that will solve all your security concerns. The complete security solution doesn’t exist, he says, and if it did, you probably couldn’t afford it.
Antivirus software is not enough. Apex Technology Services used its decades of IT and cybersecurity
experience to create budget-friendly network security packages every company needs.
Please take a moment to fill out your information so we can contact you directly regarding your request.
Shabodi, an Application Enablement Platform (AEP) provider unleashing advanced network capabilities in LTE, 5G, 6G, and Wi-Fi 6, announced they have l…
Endpoint protection, also known as endpoint security, is a cybersecurity approach focused on defending computers, mobile devices, servers, and other e…
Databricks is an innovative data analytics platform designed to simplify the process of building big data and artificial intelligence (AI) solutions. …
Blue/green deployment is a software release management strategy that aims to reduce downtime and risk by running two identical production environments…
Lateral movement is a term used in cybersecurity to describe the techniques that cyber attackers use to progressively move through a network in search…