But does FUD help to drive awareness?
In moderation, FUD does have its place, in particular in justifying security measures and budgets to management.
Mimran says this will continue: “The main go-to-market strategy for security vendors has always been FUD, and although it does not sound right versus showing the real value of products and services, still we are in the field of security.
“The field of security and the focus on threats is based on risk management and the natural emotions involved in risk management are naturally fear and uncertainty.
“Until the cyber-security industry will mature, FUD will still be the main root message behind marketing of cyber-companies. There are early signs of maturity in different companies but still the vast majority is still focused on actual threats and their damage which is basically FUD.
Singh agreed, but added that customers are “partly to blame”.
“The problem is, as consumers always look for panacea to a problem, and the problem with cyber is it is not binary. It’s not black and white. Humans have a problem with the concept of a grey area.
“Vendors are fighting a losing battle because if they say ‘my product may protect you’, many consumers may not buy product. So have to go overboard and make a promise not fully true. It’s an education issue definitely.”
He added customers don’t spend time on understanding who will use the products, or what they are trying to protect.
“Part of the problem in IT is customers have no idea what they want - they get promised the world, but they don’t understand the terminology. It’s a similar thing with cyber.”
What more can be done?
There is hope though that more can be done on both sides to improve security maturity.
Mimran added: “The market should go through some consolidation to ramp up the solutions and the vendors should work much more closely with customers toward tailoring solutions which eventually once they fill the gap can turn into products.”
Singh says: “I think the good vendors will invest in educating the customer, or potential customer, on what limits of particular tech set, not necessary their products.”
Kleczynski added: “The bottom line is that the cyber threat landscape is constantly evolving and we all need to work together, share ideas, and try to stay one step ahead of criminals.
“Collaboration, research and coordinating with government agencies are all great steps towards making not just the web, but the world a safer place. There have certainly been instances where we’ve approached a company to collaborate and because of our “competitive” nature, we were turned down. Differences must be set aside.”
Sign up for CIO Asia eNewsletters.