The Security Mentor

Network World Fusion just ran two opinion pieces. A person we'll call Hatfield says, in the first one, that intruders from the outside aren't the real threat to businesses, who should instead worry about insiders and crooked or careless employees. Hatfield cites statistics to prove this.

A person we'll call McCoy says in the second opinion piece that insiders are overrated as a security threat and that businesses should concentrate on defending against outsiders.

Are you throwing up your hands in confusion? Or are you cynically wondering whether Hatfield is from a company that sells protection against insiders and McCoy is from a company that sells protection against outsiders? Are you wondering whether the statistics in Hatfield's article come from his own company? Then you're street smart, not cynical, because that's exactly what happened.

We have too few hard facts about security threats, and far too many of the numbers in the press are made up. Always look for conflicts of interest. Does a news article quote "experts" saying that a virus cost $11 billion worldwide? Check whether the "experts" are from an antivirus company.