|By Peter Silva||
|December 6, 2012 08:00 AM EST||
Had a short but interesting twitter exchange with @securityincite @Gillis57 and @essobi (Mike Rothman, Gillis Jones and not sure (sorry!!) respectively) about using Fear, Uncertainty and Doubt when talking IT security services. @Gillis57 initially asked, ‘Question: We discuss FUD constantly (and I agree that it’s too prominent) But isn’t security inherently built upon fear?’ I sent an ‘09 Rothman article (@securityincite said it was ‘old school’ but still has some great comments) about that very topic. Soon, @essobi chimed in with, ‘Our foundation shouldn’t be fear, it should be education. ,’ @Gillis57 responded, ‘So, look. I agree wholeheartedly, but why do people need to be educated?’ @essobi answered, ‘imo? Bad programming/exploitable logic processes. we need to raise the bar or lower expectations.’ @Gillis57 added, ‘I really don’t think we need to keep selling fear, but denying that we are a fear based industry isn’t helping.’ @securityincite wizdom’d with, ‘Fear is a tactic like anything else. Depends in situation, context, catalyst. And use sparingly.’ And I conceded that, ‘splitting hairs but I try to talk about risk rather than fear - what’s the risk if…which often generates fear.’
Most of the time when we talk about security there is a fear factor because we are talking about risk. Risk is the potential for something Bad happening and typically those things scare or make us uncomfortable. Often when vendors talk about things like protection, benefits, etc, it’s measured in terms of numbers, stats, performance…metrics.
Security is also about Peace of Mind; a feeling that you have. Those military people who can get some good sleep even with bullets flying over their heads have peace of mind. Even in a very high risk, dangerous, vulnerable and insecure environment, they feel secure.
I saw an article about the difference between selling insurance and the lottery – Fear vs. Dreams. Maybe we should discuss IT Security in terms of how it has made an IT guy’s life better? I think it would be cool if ‘security’ case studies included a side bar or something with a quote that brags, ‘Now that we have this solution installed, I’m able to attend my daughter’s piano recitals.’ ‘I’m able to get a good night’s sleep knowing that our web site is ok/won’t get paged at 3AM/won’t have to work for 16hrs.’ Adding to the quality of life over and above the usual ROI/TCO/performance/$$.
How it may have enhanced life.
How it gave peace of mind.
How it Reduced Stress.
How it allowed someone to be home for dinner.
How it allowed someone to enjoy the weekend, do that Science Fair thing with the kid, take a longer vacation…
It might be cool for the industry (and the general public) to read how another’s life improved when security is deployed along with all the breaches and headaches. Ultimately, that’s what we are all chasing as humans anyway – that harmony, balance, peace of mind, quality of life, family, love…the cores of our being rather than what we do for a job – even though our work does have a lot to do with quality of life. I also think that education is part of our duty. Not in the ‘Knights of the Roundtable’ duty but if someone needs our security expertise and is willing to learn, sharing (and ultimately, awareness) is important to ensure a more informed public. That is simply being a good internet citizen. And yes, fear does have it’s place especially when someone is not getting it or ignoring that others are at risk.
We frequently talk in terms of rational thinking ($$/performance) when security is quite often about an emotional feeling. That’s why some often use FUD to sell security: Fear: emotional, Uncertainly: more emotional than rational, Doubt: gut feeling with little data. But instead of tapping those negative emotions, we should shoot for the Feel Good emotions that provide safety and security. The Dream.
- Abandon FUD, Scare Tactics and Marketing Hype
- Are you Selling Fear or Dreams?
- Death to FUD Selling
- FUD creeping back into security sell
- Time To Deploy The FUD Weapon?
- How To Sell Security Solutions Without Using Fear, Uncertainty And Doubt
- Researchers Warn Against Selling On Security Hype
- How to Sell Security, Externality and FUD
- How to Sell Security
- The Four Horsemen of the Cyber-Apocalypse: Security Software FUD (awesome article)
|Connect with Peter:||Connect with F5:|
When you decide to launch a startup company, business advisors, counselors, bankers and armchair know-it-alls will tell you that the first thing you need to do is get funding. While there is some validity to that boilerplate piece of wisdom, the availability of and need for startup funding has gone through a dramatic transformation over the past decade, and the next few years will see even more of a shift. A perfect storm of events is causing this seismic shift. On the macroeconomic side this ...
Apr. 27, 2017 11:34 AM EDT Reads: 194
Cloud promises the agility required by today’s digital businesses. As organizations adopt cloud based infrastructures and services, their IT resources become increasingly dynamic and hybrid in nature. Managing these require modern IT operations and tools. In his session at 20th Cloud Expo, Raj Sundaram, Senior Principal Product Manager at CA Technologies, will discuss how to modernize your IT operations in order to proactively manage your hybrid cloud and IT environments. He will be sharing be...
Apr. 27, 2017 10:00 AM EDT Reads: 645
Back in February of 2017, Andrew Clay Schafer of Pivotal tweeted the following: “seriously tho, the whole software industry is stuck on deployment when we desperately need architecture and telemetry.” Intrigue in a 140 characters. For me, I hear Andrew saying, “we’re jumping to step 5 before we’ve successfully completed steps 1-4.”
Apr. 27, 2017 09:45 AM EDT Reads: 1,824
Enterprise architects are increasingly adopting multi-cloud strategies as they seek to utilize existing data center assets, leverage the advantages of cloud computing and avoid cloud vendor lock-in. This requires a globally aware traffic management strategy that can monitor infrastructure health across data centers and end-user experience globally, while responding to control changes and system specification at the speed of today’s DevOps teams. In his session at 20th Cloud Expo, Josh Gray, Chie...
Apr. 27, 2017 08:15 AM EDT Reads: 3,330
To more closely examine the variety of ways in which IT departments around the world are integrating cloud services, and the effect hybrid IT has had on their organizations and IT job roles, SolarWinds recently released the SolarWinds IT Trends Report 2017: Portrait of a Hybrid Organization. This annual study consists of survey-based research that explores significant trends, developments, and movements related to and directly affecting IT and IT professionals.
Apr. 27, 2017 04:45 AM EDT Reads: 1,729
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
Apr. 27, 2017 03:15 AM EDT Reads: 6,005
NHK, Japan Broadcasting, will feature the upcoming @ThingsExpo Silicon Valley in a special 'Internet of Things' and smart technology documentary that will be filmed on the expo floor between November 3 to 5, 2015, in Santa Clara. NHK is the sole public TV network in Japan equivalent to the BBC in the UK and the largest in Asia with many award-winning science and technology programs. Japanese TV is producing a documentary about IoT and Smart technology and will be covering @ThingsExpo Silicon Val...
Apr. 27, 2017 12:00 AM EDT Reads: 9,212
Cloud Expo, Inc. has announced today that Aruna Ravichandran, vice president of DevOps Product and Solutions Marketing at CA Technologies, has been named co-conference chair of DevOps at Cloud Expo 2017. The @DevOpsSummit at Cloud Expo New York will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and @DevOpsSummit at Cloud Expo Silicon Valley will take place Oct. 31-Nov. 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
Apr. 26, 2017 09:45 PM EDT Reads: 2,611
Is your application too difficult to manage? Do changes take dozens of developers hundreds of hours to execute, and frequently result in downtime across all your site’s functions? It sounds like you have a monolith! A monolith is one of the three main software architectures that define most applications. Whether you’ve intentionally set out to create a monolith or not, it’s worth at least weighing the pros and cons of the different architectural approaches and deciding which one makes the most s...
Apr. 26, 2017 08:30 PM EDT Reads: 2,813
Developers want to create better apps faster. Static clouds are giving way to scalable systems, with dynamic resource allocation and application monitoring. You won't hear that chant from users on any picket line, but helping developers to create better apps faster is the mission of Lee Atchison, principal cloud architect and advocate at New Relic Inc., based in San Francisco. His singular job is to understand and drive the industry in the areas of cloud architecture, microservices, scalability ...
Apr. 26, 2017 01:00 PM EDT Reads: 3,562
This recent research on cloud computing from the Register delves a little deeper than many of the "We're all adopting cloud!" surveys we've seen. They found that meaningful cloud adoption and the idea of the cloud-first enterprise are still not reality for many businesses. The Register's stats also show a more gradual cloud deployment trend over the past five years, not any sort of explosion. One important takeaway is that coherence across internal and external clouds is essential for IT right n...
Apr. 26, 2017 08:45 AM EDT Reads: 1,730
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...
Apr. 25, 2017 10:30 PM EDT Reads: 7,262
In large enterprises, environment provisioning and server provisioning account for a significant portion of the operations team's time. This often leaves users frustrated while they wait for these services. For instance, server provisioning can take several days and sometimes even weeks. At the same time, digital transformation means the need for server and environment provisioning is constantly growing. Organizations are adopting agile methodologies and software teams are increasing the speed ...
Apr. 25, 2017 08:15 PM EDT Reads: 3,386
In his session at 20th Cloud Expo, Scott Davis, CTO of Embotics, will discuss how automation can provide the dynamic management required to cost-effectively deliver microservices and container solutions at scale. He will discuss how flexible automation is the key to effectively bridging and seamlessly coordinating both IT and developer needs for component orchestration across disparate clouds – an increasingly important requirement at today’s multi-cloud enterprise.
Apr. 25, 2017 06:00 AM EDT Reads: 4,350
Keeping pace with advancements in software delivery processes and tooling is taxing even for the most proficient organizations. Point tools, platforms, open source and the increasing adoption of private and public cloud services requires strong engineering rigor – all in the face of developer demands to use the tools of choice. As Agile has settled in as a mainstream practice, now DevOps has emerged as the next wave to improve software delivery speed and output. To make DevOps work, organization...
Apr. 25, 2017 03:15 AM EDT Reads: 8,924
Software as a service (SaaS), one of the earliest and most successful cloud services, has reached mainstream status. According to Cisco, by 2019 more than four-fifths (83 percent) of all data center traffic will be based in the cloud, up from 65 percent today. The majority of this traffic will be applications. Businesses of all sizes are adopting a variety of SaaS-based services – everything from collaboration tools to mission-critical commerce-oriented applications. The rise in SaaS usage has m...
Apr. 22, 2017 06:15 PM EDT Reads: 4,886
The proper isolation of resources is essential for multi-tenant environments. The traditional approach to isolate resources is, however, rather heavyweight. In his session at 18th Cloud Expo, Igor Drobiazko, co-founder of elastic.io, drew upon his own experience with operating a Docker container-based infrastructure on a large scale and present a lightweight solution for resource isolation using microservices. He also discussed the implementation of microservices in data and application integrat...
Apr. 22, 2017 05:45 AM EDT Reads: 6,266
We'd all like to fulfill that "find a job you love and you'll never work a day in your life" cliché. But in reality, every job (even if it's our dream job) comes with its downsides. For you, the constant fight against shadow IT might get on your last nerves. For your developer coworkers, infrastructure management is the roadblock that stands in the way of focusing on coding. As you watch more and more applications and processes move to the cloud, technology is coming to developers' rescue-most r...
Apr. 22, 2017 04:00 AM EDT Reads: 4,137
2016 has been an amazing year for Docker and the container industry. We had 3 major releases of Docker engine this year , and tremendous increase in usage. The community has been following along and contributing amazing Docker resources to help you learn and get hands-on experience. Here’s some of the top read and viewed content for the year. Of course releases are always really popular, particularly when they fit requests we had from the community.
Apr. 22, 2017 03:45 AM EDT Reads: 3,618
Even for the most seasoned IT pros, the cloud is complicated. It can be difficult just to wrap your head around the many terms and acronyms that make up the cloud dictionary-not to mention actually mastering the technology. Unfortunately, complicated cloud terms are often combined to the point that their meanings are lost in a sea of conflicting opinions. Two terms that are used interchangeably (but shouldn't be) are hybrid cloud and multicloud. If you want to be the cloud expert your company ne...
Apr. 21, 2017 04:15 PM EDT Reads: 2,272