Proper cybersecurity measures take insight and forethought.


All that glitters is not gold. Sometimes, shiny new security products can make matters worse, rather than better. That’s the premise of a recent article by SecTor co-founder and organizer Bruce Cowper, published over at Dark Reading.

The article, Avoiding ‘Magpie Syndrome’ In Cybersecurity, suggests that vendors and customers alike can often look for quick answers to perceived security problems. Whenever a new type of vulnerability or attack technique emerges, it can be easy to publish a security feature claiming to prevent it, and then sell it as an easy fix. Then, customers can say that they covered their bases, and perhaps reduce their chances of getting fired, should they be hacked.

That’s all well and good, but concentrating on packaged fixes for individual classes of threat can lead to a tangled mess of point solutions that is hard to use, and which can hinder a cybersecurity effort instead of helping it. Bruce has seen this several times in his security consulting work, and provides some examples.

In this article, he suggests some alternative approaches. They may be harder to implement than merely ticking a box and writing a cheque, but they could make organizations far safer. If nothing else, there’s one thing that people will take away from Bruce’s op-ed: real security and perceived security are often entirely different things.

Interested in more cybersecurity discussions? Register at SecTor, which takes place at Metro Toronto Convention Centre in downtown Toronto on October 20-21, with a training day on October 19.