Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Cyber security is all hype and no substance: Gartner

Patrick Budmar | Aug. 20, 2013
Analyst likens the cyber security space to a Ponzi scheme.

Everything you have heard about cyber security is wrong, according to Gartner VP and distinguished analyst, John Girard.

While the industry message is that we should be guarding against everything cyber, Girard said during the Gartner Security Summit in Sydney that is not the case.

"We keep hearing that cyber security is a hot topic, that it is the ultimate problem and concern," he said.

"The question is whether that is the way it is."

The answer according to Girard is that most of what we hear about cyber security is hype or recycled material.

"There is a narrow subset of issues and remedies associated with cyber security that is important, but it is not something that applies to most enterprises," he said.

"It can apply to government and other special entities, but even so tread cautiously on some of the areas that are discussed and recommended."

Girard admits that there is a lot of money being made in this area, which needs to be questioned by people before the decision is made to pay out.

He adds that a lot of the activities labelled cyber security are not only not new, but could also be dangerous practices that should not be followed.

"The confusion around the term is itself a threat, because it creates a situation where governments and enterprises enter into destructive and confusion situations," he said.

Scheme by another name

When the discussion is about exploits in IT, it tends to centre on viruses and malware.

However, Girard said that the cyber security space also shares similarities to the Ponzi scheme, which was created by famous scam artist, Charles Ponzi.

The Ponzi scheme worked by promising rewards disproportionate to what has been invested, encouraged people to stay in the scheme with promises of benefits and threatened if you step out of it.

"That's how a Ponzi scheme works and a lot of vendors and practices in cyber security tend to work the same way," Girard said.

"Once you start to get involved with it, there's a cloud over you if you try to get out if, otherwise then you will be really in trouble."

 

Sign up for CIO Asia eNewsletters.