The destructive power of bad investigations

September 9, 2015 Kevin Whalen


Roger Goodell just can’t win. Literally.

The Tom Brady Deflategate fiasco is the just the latest example of shoddy investigations leading to embarrassing losses in court for the NFL.

The Ray Rice disaster. The Adrian Peterson case and the New Orleans Saints Bountygate case. All Roger Goodell run investigations whose results were overturned by impartial courts of law.

In the Deflategate case, Judge Richard Berman was so appalled at the process; he used quotation marks each time he referred Goodell’s “independent investigation.” How embarrassing.

If the NFL as an organization had a Board of Directors, it would be the league’s 32 team owners. They are tiring of the league being embarrassed so completely and so often, due to faulty investigations. The tide is starting to turn against Goodell.

Falcons owner Arthur Blank politely torches Roger Goodell’s handling of Deflategate

“This deflategate thing which isn’t about deflategate any longer, it’s about what has been collectively negotiated for decades in terms of the commissioner’s responsibility in terms of disciplining players,” Blank said. “If we have to look at that differently in today’s light, in today’s environment, as an ownership group we should be prepared to do that. The commissioner should be prepared to do that.”

In our corner of the world, network security, this narrative of bad investigations, embarrassing revelations and potential management changes at the top has a familiar ring to it. Investigations usually fail not because of the people involved, but the process.

The unfortunate reality of security investigations today is that already short staffed teams are left to aggregate and make sense of millions or even billions of alerts from a variety of solutions. While many are just noise these alerts provide very little context. Some are a clear-and-present danger and yet so many threats as represented by IOC’s (Indicators of Compromise) appear to be same.  Figuring out the difference is far too time-consuming a process today. As an industry, we have not recognized (or listened to customers telling us) that workflow and usability is every bit as important as the latest threat detection bell or whistle. Certainly that is not as sexy or exciting to talk about, but it is far more valuable to enabling the people and process aspects of the equation.

Whether you’re a multi-billion dollar sport or a multi-billion dollar business, bad investigations can lead to severe brand and reputational damage. Only the NFL gets to have bad investigations and no damage to the bottom line. It’s the NFL’s world and we’re just living in it.

The post The destructive power of bad investigations appeared first on Arbor Insights - Our People, Products and Perspective.


Previous Article
Size Does Not Always Matter, It’s the Mindset That Counts
Size Does Not Always Matter, It’s the Mindset That Counts

North America has signaled the end of summer and a long weekend with the...

Next Article
Comment on Threats never take a vacation by How to: Build a Business Case for DDoS - Arbor Insights
Comment on Threats never take a vacation by How to: Build a Business Case for DDoS - Arbor Insights

[…] academic calendar is back into full swing. Summer vacations are now just fond memories (even the horrif...