Author: Lou Covey

Security industry addicted to bland marketing

There is no question that the cybersecurity industry performs a vital role in keeping the digital world safe.  It’s too bad the industry is so dedicated to bland, repetitive and un-informational marketing and research.

The problem doesn’t exist with cybersecurity alone.  Every tech industry under finances and plagiarizes marketing communications both within and without their niches, but the problem in security is that there is so little actual data to refer to, it is easy to make it up and still be believed.  The introduction of AI into marketing efforts definitely cuts down the price and effort of communications, but it makes the bland and repetitive content even more bland, repetitive while making it less informative than when humans are actually involved.

Anyone involved in the process of evaluating this content and mining nuggets of relevant truth knows the problem and some are trying to do something about it.  James Bore is one of them.

Read more...

Editorial: Jog on, Meta

Mark Zuckerberg made two announcements about major changes in Meta in the past two weeks. The first was the revelation that they would be creating hundreds of AI-driven bots to interact with users. The second was the announcement that they would stop moderation of content, “except for dangerous stuff,” according to a video posted by Zuckerberg. With a certain amount of schadenfreude, we note that Meta had to pull the accounts they had already made as users started engaging with them, finding their inherent flaws and raking them over the coals for how piss-poor their execution was.

Both of these announcements validated a decision I had made earlier this year to start divesting myself of Meta platform accounts. I made the request to deactivate all the accounts (Facebook, Instagram and Messenger) a week before both announcements. I would have done it sooner if I had known it would take Meta 30 days from my request to deactivate everything. This morning, however, I received a text from my partners in Cyber Protection Magazine asking if I thought we should deactivate our Facebook account.

Frankly, I had forgotten we had one, basically because we received zero engagement from the platform, despite the amount of content we put up there. That,.too, is a result of Meta de-emphasizing legacy media. Of course, I concurred with the team. Sometime in February, we will disappear from Facebook.

Read more...

A new year and new problems

We open a new year and a new season with our friend, Ian Thornton-Trump, chief information security officer at the MSSP Inversion6 and in 30 minutes we take on some pretty meaty subjects.
First, we discuss how China strategically infiltrated technology systems in the US and other countries as a geopolitical message rather than attacks. He discusses the challenges of securing complex, interconnected systems and the need for proactive defense.
Next we review the rise of corporate power and influence and how the increasing wealth and influence of individuals like Elon Musk is disrupting the traditional balance of power in democracies. The ethical concerns around wealthy individuals wielding disproportionate political influence could result in something the oligarchs are not expecting.
Finally, we review potential trade wars and the possibility of Canada and Mexico joining the BRICS alliance.
2025 is going to be bumpy but very interesting.

Read more...

Lots of Questions for 2025

As we start wrapping up the year we are in planning mode, and we have questions… lots of questions. We will be asking them next year. Here are some of the things we are concerned about.

Statistics — We hear how bad the situation is in security. Lots of jobs going unfilled. Cyber attacks on the increase. The cost of cybercrime approaching $25 trillion dollars. But is it that bad?

AI-Driven Cyber Attacks — As artificial intelligence advances, cybercriminals are expected to use it to craft highly sophisticated phishing scams, automate attacks, and develop malware that can rapidly evolve. Defenders will need AI-powered tools to detect and mitigate these threats in real time. Which way will….

Read more...

Online platforms negate tools for shoppers

It’s officially the Christmas holiday shopping season and scammers are happily draining online shoppers gift budgets with wild abandon. The FBI warned consumers last week that holiday-related fraud is growing. E-commerce sales should exceed $260 billion this year and even if scammers maintain the same activity as 2023, they should come away with a cool $10 billion. No matter what the cybersecurity industry comes up with in the form of protections for consumers it is negated by retail platforms like Amazon, Google and Temu.

The Federal Trade Commission (FTC), identifies individuals aged 18 to 39 are 25% more likely to fall victim to online shopping scams than older adults. These shoppers rely heavily on e-commerce platforms and social media ads that are scams disguised as unbelievable holiday deals.

Cutting back

One might think that online retailers are ramping up systems to curb that kind of abuse. You would be very wrong. According to recent reports, retailers are growing security spending by 8% in 2024, compared to rates of rates of 16% and 17% seen in 2021 and 2022 respectively. In some cases, retailers are cutting security budgets.

Read more...

AI making life hard for consumers and cybersecurity

The AI industry supposedly to make life easier for humanity. Since it first burst onto the scene it has, arguably, made life more difficult. Consumers and the cybersecurity industry, in particular, are struggling professionally, emotionally, and mentally to understand the value, if not the efficacy, of the technology.

Cyber Protection Magazine evaluated three surveys, from Armorcode, Arkose Labs, and Appdome, over the past few weeks. They agreed the public image of AI is untrustworthy, full of false promises, and something to be feared. In spite of this image, customers believe they must adopt and adapt to the technology, even if they don’t want to.

Read more...

Poor marketing endangers society

n the past few weeks, as various security companies have published multiple studies about the state of cybersecurity, a common theme has arisen: Executives running the companies that purchase security tools and services are not sure their purchases have made them any safer. This widespread position in the market confirms results of a months’ long investigation by Cyber Protection Magazine that marketing practices in the industry are failing to do the job and, in the process, making society less safe.

While every report skews data to convincing customers to add their company’s tools and services to their budgets. However, every report also reports that between 60 and 90 percent of managers have significant concerns and doubts that the tools they have, and the tools they are considering, will not do the job that needs doing. The reasons for that lack of confidence are three-fold.

Three reasons for lack of trust

First, stuff is moving fast. Governments are legislating controls and protections faster than normal. Sometimes this rules don’t make sense and many in the industry think they are holding back innovation and adoption. Criminals and nation states are stepping up attacks that bypass established protections, and lawsuits for negligence are growing. Second, while understanding the need for security best practices is at an all-time high, that’s mainly because weaknesses due to work-from-home, generative AI and news about data breaches is also high. That means while understanding of the need is high, inexperience and ignorance is creating new opportunities for attacks.

“Many executives may not exactly understand how (the tools) work,” said Cache Merrill, founder of software outsourcing company, Zibtek. “. When there is a concern on the functionality of the tools or when attention is on what the tech teams understand without listening to them, anxiety is experienced. To put it simply, if they cannot see it, they will not put faith in it.”

Carl DePrado, an SMB IT consultant based in New York, aid, “The sheer number of cybersecurity products and services can be overwhelming. This contributes to a sense of vulnerability, as they may not feel confident that they have covered all their bases.”

Read more...