3

Cybersecurity Products Rarely Live Up To Marketing Claims: RSA Panel - Slashdot

 1 year ago
source link: https://it.slashdot.org/story/22/06/11/2247216/cybersecurity-products-rarely-live-up-to-marketing-claims-rsa-panel
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.

Cybersecurity Products Rarely Live Up To Marketing Claims: RSA Panel

Become a fan of Slashdot on Facebook

binspamdupenotthebestofftopicslownewsdaystalestupid freshfunnyinsightfulinterestingmaybe offtopicflamebaittrollredundantoverrated insightfulinterestinginformativefunnyunderrated descriptive typodupeerror

Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 30 million monthly users. It takes less than a minute. Get new users downloading your project releases today!
×

A panel at this week's RSA Conference argued that 90% of security buyers aren't getting the efficacy from their products that vendors claim they can deliver.

Slashdot reader storagedude writes: Joe Hubback of cyber risk management startup ISTARI led both the panel and the study, which was based on in-depth interviews with more than a hundred high-level security officials, including CISOs, CIOs, CEOs, security and tech vendors, evaluation organizations and government organizations.

Hubback said that "90% of the people that I spoke to said that the security technologies they were buying from the market are just not delivering the effect that the vendors claim they can deliver. Quite a shocking proportion of people are suffering from technology that doesn't deliver."

A number of reasons for that product failure came out in the panel discussion, according to eSecurity Planet, but they can be boiled down to some key points:

- Cybersecurity buyers are pressed for time and most don't test the products they buy. "They're basically just buying and hoping that the solutions they're buying are really going to work," Hubback said.

- Vendors are under pressure from investors to get products to market quickly and from sales and marketing teams to make aggressive claims.

- On top of those pressures, it's difficult to architect tools that are effective for a range of complex environments – and equally difficult for buyers to properly assess these "black box" solutions.


Those conditions create an information asymmetry, said Hubback: "A vendor knows a lot more about the quality of the product than the buyer so the vendor is not incentivized to bring high-quality products to market because buyers can't properly evaluate what they're buying."

Hubback and fellow panelists hope to create a GSMA-like process for evaluating security product abilities, and he invited RSA attendees to join the effort.


About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK