Unicorns everywhere you look

November 9, 2015 Kevin Whalen

unicorn

It seems as though the desire for magic cures and easy solutions has been with us going back, well, almost forever.

Via The Logical Place, “The following picture is of a cast showing a physician examining a patient while Asklepios stands nearby holding the symbol of medicine, a snake coiled round a staff.”

Snake oil, cure all’s and magic bullets have a long and ignominious history.  They are still as relevant today as they were to the ancient Greeks and Romans.

Just in the past few weeks alone, we’ve seen two high profile examples of medical quackery and magic solutions in the news. The first was a Boston Magazine article titled, Tom Brady’s Personal Guru Is a Glorified Snake-Oil Salesman. The article was an extremely negative profile of Brady’s “body coach” Alex Guerrero who has been accused by the FTC of claiming his products could cure cancer and concussions.

In the most recent GOP presidential debate, frontrunner Ben Carson, a noted and internationally respected brain surgeon, was criticized for his association with Mannatech, a maker of supplements that has been accused of faulty advertising.

Closer to home, in the realm of technology and security, we’re in the midst of the rollout of new chip-enabled credit cards. I’m old enough to remember when these new cards were seen as a solution to retail hacking!

February 2014: Hack-Resistant Credit Cards Bring More Safety—at a Price

The idea that a single new technology would stop, or even slow, attacks is dubious at best. The reason is that when a new technology is introduced, the human beings behind the attacks adapt and all too often, overcome.

November 2015: ID Thieves Use Switch to ‘Chip’ Credit Cards as Fresh Scam Bait

The only path to security is to equip human beings with technologies that enable them to better battle the human beings attacking them. As our CSO/CTO Sam Curry said in a recent blog post,

“The first thing we have to remember is that all online conflict, to date and that I know of or have even remotely heard of, is still fundamentally Human-to-Human conflict.  It’s not Machine-to-Human or Machine-to-Machine…yet.  And it won’t be for a good long while.  I know some of you are reading this and going “wait a minute…” and thinking of several examples of malware and bots and the like.  However, let’s not confuse the tools of conflict with the actors who engage in conflict.  Modern warfare, for instance, involves tanks, guns, planes and ships; but when two countries go to war, we talk of the nations and people in question and don’t say “today, 400,000 rifles declared war on 250,000 rifles.”  In that sense, all the conflict that we really care about is Human-to-Human, it’s just that we employ sophisticated machines as tools; we are not yet fighting Artificial Intelligences with their own reasoning (no matter how sophisticated) or motivations.

All of this gets me to an article I read on the excellent Dark Reading site, by Simon Crosby, co-founder and CTO at Bromium.

Machine Learning Is Cybersecurity’s Latest Pipe Dream

Rather than waste money on the unproven promises of ML and AI, invest in your experts, and in tools that enhance their ability to search for and identify components of a new attack.

The phrase, “If it sounds too good to be true, it usually is” was first coined by the Better Business Bureau in 1954. This is a few thousand years late to help the ancient Greeks or Romans, but it remains sound advice for all of us today, from living legend quarterbacks to aspiring politicians and especially for those of us in the business of securing networks.

 

The post Unicorns everywhere you look appeared first on Arbor Insights - Our People, Products and Perspective.

Read more...

Previous Article
Comment on Pain is inevitable; suffering is optional by Unicorns everywhere you look - Arbor Insights
Comment on Pain is inevitable; suffering is optional by Unicorns everywhere you look - Arbor Insights

[…] The only path to security is to equip human beings with technologies that enable them to better battle ...

Next Article
Comment on Investigation at the speed of thought by Engaging Security - Arbor Insights
Comment on Investigation at the speed of thought by Engaging Security - Arbor Insights

[…] system deployed at a customer site, but used for engineering field test).  In my recent blog post, ‘Inv...