Who Watches the FUD Watcher?
In this week’s CSO Online, Bill Brenner writes about the recent breaks at Kaspersky Labs and F-Secure. You can tell his opinion from the title alone, “Security Vendor Breach Fallout Justified” in his ironically named “FUD watch” column.
Brenner watched the FUD as he spreads it. He moans histrionically,
When security is your company’s business, even the smallest breach is worthy of scorn. If you can’t keep the bad guys out of your own database, how can customers reasonably expect that you’ll keep theirs safe?
Oh, please. Spare us the gotcha. Let me toss something back at Brenner. In the quote above, he says, “theirs” but probably meant to say “them.” The antecedant of “theirs” is database, and Kaspersky isn’t strictly a database security company, but an anti-virus company. “Them” is a much better turn of phrase, and I hope what he meant to say. How can we possibly trust CSO Online as a supplier of security knowledge when they can’t even compose a simple paragraph? And how can we even trust your own tagline:
Senior Editor Bill Brenner scours the Internet in search of FUD – overhyped security threats that ultimately have little impact on a CSO’s daily routine. The goal: help security decision makers separate the hot air from genuine action items.
Why is FUD Watch creating the very sort FUD they claim to watch? Who watches the FUD watchers? I do, I suppose.
Is my criticism unfair and picayune? Yup.
People make mistakes, even Kaspersky and F-Seecure. And heck, even CSO Online. I forgive you.
Brenner came very close to writing the article that should have been written. If even the likes of Kaspersky and F-Secure fall victim to stupid things like SQL injection, what does that say about the state of web programming tools? How can mere mortals be safe if they can’t?
The drama about these breaks is FUD. It shows that no one is immune. It shows that merely being good at what you do isn’t good enough. It means that people need to test, verify, buy Adam’s book, read it, and act on it.
The correct lesson is not schadenfreude, but humility. There but for the grace of God, go all of us.