Top 10 Most Overhyped Technology Terms

We have entered a new era of information technology, an era where the clouds are moist, the data is obese and incontinent, and the threats are advanced, persistent, and the biggest ever. Of course, with all the paradigm-shifting, next-generation, FUD vs. ROI marketing, it’s important to remember that sometimes we need to balance innovation against misunderstood expectations, vendor double-speak, and relentless enterprise sales guys.

Because contrary to the barrage of marketing, these technologies won’t make you rich, teach you how to invest in real estate, help you lose weight or grow a full head of hair. They won’t make you attractive to the opposite sex, nor will they solve all your problems. In some cases they can improve the efficiency and effectiveness of your operating environment, but that requires proper planning, expectation setting and careful deployment…and on that note, I give you the top 10 most overhyped technology terms over the last decade.

10. Privacy (here) Big brother is watching

There is little doubt that advances in technology have radically changed many aspects of our lives. From healthcare to manufacturing, from supply chains to battlefields, we are experiencing an unprecedented technical revolution.

Unfortunately, technology enables the average person to leak personal information at a velocity that few understand. Take a moment and think about how much of your life intersects with technology that can be used to track your movements, record your buying patterns, log your internet usage, identify your friends, associates, place of employment, what you had for dinner, where you ate and who you were with. It may not even be you who is disclosing this information.

We live in a world without secrets and we must act accordingly. Realize that much of what you may think is confidential, isn’t. To borrow an old saying, if more than one person knows something, it isn’t a secret, and if you’re alive today, you have very little privacy.

9. Advanced Persistent Threats (here) Alarming people thoroughly

Advanced persistent threats are real. As hackers moved from hobby-based malware and cyber-vandalism to financially motivated or state-sponsored hacking, we experienced more thoughtful and controlled approaches. APT isn’t a new class of threat that requires a whole new disparate set of technologies to address. In fact, many of the technologies you have been using to identify and monitor deviations from normal operating state are suited to provide a base level of visibility into the environment.

Remember, 90 percent of all external attacks take advantage of poorly administered, misconfigured, or inadequately managed systems that any moderately competent hacker can exploit. Sure, there are some real artists out there, but when you can take candy from a baby 90 percent of the time, you rarely need expert safecrackers.

8. Data Leak Prevention (here) Somebody put a diaper on my data

DLP was the hottest thing to not happen to protecting data since PGP was a McAfee acquisition (they are now independent again). The promise was that DLP would prevent sensitive and confidential data from getting into the wrong hands. Of course there is a big, wide chasm between preventing leaks and preventing loss. Leaks are something you have some level of control over; they are primarily a matter of negligent internal employees deviating from operational security policies, like copying data to a USB and working on it at home, or forgetting that “sensitive, proprietary and confidential” actually means don’t send this to people who are not in the circle of trust. Data loss, however, is the real data problem business is facing, and it is not something DLP is well-suited to prevent. The main reason is simple: an intelligent, trained attacker who wants access to your data will get it.

7. Network Access Control (here) It’s all good until someone NACs the CEO

Driven by relentless Cisco and Juniper marketing, NAC was positioned as the best approach to dealing with the increase in infected laptops that were finding their way into the heart of the corporate network and, in doing so, bypassing all the security technologies that had been aimed at keeping the bad guys out. The market was infatuated with NAC and many vendors came and went; however, as with many innovations, no one seemed to bother to ask whether this was the best solution.

Think about why one would use NAC: essentially, it is because IT loses visibility and control of its mobile workforce, contractors, and partners that slip in and out of the network…but instead of asking how IT can gain visibility and control into these devices, they revert to a giant hammer approach which blocks all access until goodness can be determined, which ain’t easy and doesn’t cover the universe of issues…anyway, NAC is somewhere between the trough of disillusionment and gaining a spot on the shelf of forgotten technologies as companies look to alternative approaches to dealing with compromised devices entering their circle of trust.

6. Mobile Malware (here) Like the flying car, no matter what year it is, it is always just about 1-2 years from being a reality.

There is nothing that would make the anti-virus companies happier than mobile malware to bring their performance degrading, signature-based shakedown business to a smart phone near you. The boardroom would be abuzz with talk of record growth and skyrocketing profits. But alas, the onslaught of mobile malware has yet to become the epidemic anti-virus company shareholders so hope for.

Mobile malware will become a reality one day, but that day has not yet come. For the time being, it’s better to focus on improving assets that are actively under threat, such as endpoints, servers, and databases. When it comes to mobile, recognize that the biggest threat isn’t an Eastern European hacker; it is instead a negligent employee who accidentally leaves a hand-held container of corporate secrets in a Silicon Valley bar.

5. Cyberwar (here) and (here) Don’t force us to DDoS you back to 1998 or what happens if we throw a war and no one shows up?

There is much discussion of the changing dynamics and technologies of warfare, but references to cyber warfare in particular have increased recently. Many people in the information security industry believe that we have entered an era of ‘cyber warfare’ and that government leaders need to go on the cyber-offensive. Although future wars are expected to include cyber-targets of some form, the hype surrounding cyber warfare created by the IT industry simply isn’t justified.

Worse still, the conjecturing about cyber warfare can lead to a distraction from an IT professional’s real concerns – responding to the less exciting but very real day to day threats.

It serves little purpose to continue communicating the misinformation, propaganda, and fear that the industry currently seems to be embracing. So many in the information security industry are not adequately informed, nor do we possess the requisite experience to decide in what fashion the military should respond to protect our nation’s interests. Conversely, there is a lack of technical understanding within the US government that can adequately inform and provide guidance to deal with the emerging threats posed by interconnected digital assets with no physical boundaries. The solution is an understanding of how to protect against real, not imagined, threats and to create a foundation of cooperation that will enable rational discussion between public and private sector within our own national boundaries and in cooperation with our international allies.

4. Social Media (here) I’m the mayor of ‘who gives a shit’ on 4square

Never before have so many worked so hard to make sure the world knows what they had for lunch and who they are friends with…Twitter is the world’s largest manifestation of Skinner’s operant conditioning chamber (here), with compulsive tweeting behavior driven by semi-random retweets & responses.

3. Big data (here) Do these petabytes make my data warehouse look fat?

Big data is a scorching hot topic, currently capturing a lion’s share of the market’s available stock of hyperbole, and for good reason: data is growing at a meteoric rate.

As we continue to innovate, as business accelerates technology adoption, as the line bleeds between corporate and personal computing and as we interact more in digital mediums we are creating mountains of data. Much of this data is garbage, but some of it is gold.

Unfortunately, as with all overly hyped technologies, there is a lot of misinformation, failed expectations and the inevitable trough of disillusionment, but that doesn’t mean you have to spend months or years curled up in a fetal position, disillusioned and wondering what went so wrong. With a thoughtful approach you can venture through the murky swamp of your big data and find the insights that provide your company a significant competitive and market advantage.

2. Virtualization, especially desktop virtualization (here) and (here) I know what kind of computer I am; I’m a computer, playing a computer, playing another computer

Thanks to VMware you can barely turn around today without someone using the V-word and with every aspect of the English language, and some from ancient Sumeria, now beginning with V it will only get worse. There is no question that virtualization holds a lot of promise for the enterprise, from decreased cost to increased efficiency, but between the ideal and the reality is a chasm of broken promises, mismatched expectations and shady vendors waiting to gobble up your dollars and leave a trail of misery and despair in their wake.

This is especially true for desktop or client-side virtualization. Hosted virtual desktops, thin-client computing models, centralizing desktop management into a datacenter and solutions that require heavy back-end infrastructure and perfect implementations of Active Directory are doomed to fail. So tread carefully when a C-level exec or overzealous IT administrator returns from a boondoggle weekend with VMware or Citrix proclaiming that the end of the traditional desktop is here and that VDI offers nigh-invincible security and systems management attributes.

In some select situations client-side virtualization does hold promise for improved efficiencies, lower cost and improved security and systems management. It has benefits for software distribution and OS deployment models, but until the industry understands that we will not return to thin-client computing models and centralized management is antithetical to every current trend in client computing we will not see widespread adoption of VDI no matter what VDI vendors claim.

1. Cloud-computing or the “cloud” (here) The biggest risk from the cloud is moisture

OH: Why don’t we just add ‘cloud’ to the message?

The really sad part of that statement is that it wasn’t only overheard once or twice, but in at least a half-dozen conversations across different companies and technologies…without a doubt, the term that has captured more hyperbole, misinformation and confusion is cloud-computing or, even worse, the “cloud”…I’m still wondering what Google will do with Gmail once this whole “cloud” thing becomes a reality. How will Akamai handle traffic between the “cloud” and the Internet?

Cloud computing provides tremendous promise leading IT towards the land of “dynamic and agile infrastructure” but along the way they must pass through the dark forest of limited to no visibility and near-zero control.

6 thoughts on “Top 10 Most Overhyped Technology Terms”

  1. I don’t work for an AV vendor and I personally can’t stand them, but I’ve seen “mobile malware”; perhaps you should do some research before making posts like this.

    • Hey Jesse,

      Couple of things;

      My post was not meant to say that mobile malware doesn’t exist in any fashion, only that it isn’t something that requires organizations to run crappy AV products on top of their smart phones, the malware landscape doesn’t warrant it and the solutions don’t work well anyway…and it is totally overhyped.

      1. Mobile malware represents like 0.1% of the total malware market according to a recent (9/2011) study from German company G Data. And even this number is in dispute. McAfee represents that they saw 2 million malware samples a month and heading towards a total of 75 million malware samples by year’s end, in terms of mobile malware it represented 0.x% of that total .000016% of total malware samples
      2. The current signature based AV products are not able to keep up with the current malware rates on traditional platforms, adding mobile platforms will only continue to challenge these vendors to provide proper protection. Some of these products do not work at all, in fact AVG was recently removed from the Microsoft app store for exactly this reason…you can read more (here), but essentially the product didn’t do anything but scan for the test AV file eicar, but not really anything else — so it didn’t work, sucked up resources and tried to influence/scare folks to buy a license to the product that doesn’t really work – according to Microsoft.
      3. The majority of these platforms can actually do a better job on the backend preventing malware distribution through their application stores, which is where some Android malware code was released, however Google responded quickly to remove the infected apps and to add additional controls to limit the probability of malware distribution in the future

      So, bottom line, like all the hyped terms mobile malware does exist, just like Dengue fever and Polio, but that doesn’t mean that we should be running around installing crappy AV products that don’t work and create a management and user experience nightmare (trust me, as the former executive in charge of IBM Security’s emerging security strategy, all of the AV products I tested sucked way more than any malware I would encounter).

      Now on to some hype:

      Kaspersky drags a German TV crew into a Faraday cage to show them how devastating Cabir, the world’s only – at the time – virulent semi-infectious (when forced to spread manually in Faraday cages) strain of mobile malware, really is – it is only a small leap from manufactured media stunt to full-blown, thermo-nuclear war resulting in the rise of the machines – the end of days is nigh brothers!

      McAfee, Sophos, Trend and Symantec have been putting out press releases and security reports since 2005 heralding the second coming of a digital virus outbreak through mobile phones and yet here we are almost in 2012 and very few companies are experiencing major losses, pain, or business impact from mobile malware. On the other hand the number threat that is real and had resulted in very public business impact (such as the release of prototype Apple phones that were left in a Silicon Valley bar – happened twice actually) – that is where organizations should be focusing their budget and controls and not trying to fit a square peg signature based AV solution into a small platform with limited resources and a very strong consumer orientation.

      Hope that clears it up…now if you would like to share some research that shows that the cost of mobile AV coupled with the threat justifies the AV vendor hype?

      Amrit

    • Agree with Amrit here. The Emperor’s been exposed as having no clothes. AV defeats practically *nothing* new. The real danger to mobile devices is the ability of users to install code at a whimsy without any consideration for what it does beyond the apparent cleverness and passing utility. If AV vendors give a whit about really securing mobile devices, they’ll shift to whitelisting and image protection. But they won’t because that’s a relatively lightweight product with a much less convincing argument for subscription based products.

  2. Amrit,

    Disclaimer: I work for an anti-virus vendor (I even met you a couple of times) but these opinions are my own, not my company’s in any way.

    I have a couple of comments:

    1. Mobile malware (or) malware in general. Unless you are a Mac/Linux user – which I am, fortunately – isn’t it almost expected that you have an AV installed? Particularly because we tend to use the same device for both work and personal purposes. It’s almost like we can slam AV all we want but it seems to have a place in Windows – and now Android – world. In fact, in some of the online webinars I attended, I came to know that enterprises (and security consultants – pretty sure they are not associated with AV companies, at least directly) aren’t too keen on Android because of the prevalent malware. It’s not about whether they have the numbers on the justification of the cost, but it is more on the damage they can use. So, hype or not, there seems to be some merit dealing with it.

    2. Social Media. Agree with you for the most part but IMHO, two things make a difference, particularly when used diligently. Twitter and Facebook. I actually rely a lot on the former (shameless plug: my handle is @cbkumar) for getting succinct information – you say semi-random retweets, and it may be true for most part but information from people like you, @beaker, @samj helps me get the point quickly. My other choice would be to browse thru plethora of blogs which may or may not have good info. Filtered information is what I get from Twitter. Also, not sure if you agree but I think people are more willing to write out one or two 140 char tweets than write a 300-word blog. As to Facebook, I don’t have many friends but for the small group I have, FB helps in keeping touch, etc.

    My 2 cents… Thanks for the good post, btw.

    – Bharath

  3. Great examples of hype, Amrit; and I’m appreciative that you’re not dismissive of the terms and concepts themselves, just their egregious mis- and over-use.

    One point of contention: APTs. While I agree that many organizations don’t need to *collect* different data than what they’re already collecting today, they do need the ability to *use* that data in different ways than a collection of disparate point tools can provide. SIEMs, netflow/DPI tools, configuration management products, etc., do not talk to each other (and no, collecting non-event data and shoving it into an “event” container, like some SIEMs do, doesn’t count…) If you’re looking to identify, say, the ingress of an external attacker, you need to be able to correlate the context of one thing (say, an event) with another (say, the unauthorized state change of an asset, such as the presence of a new Windows registry key, or a modified ACL), and possibly others (say, the presence of unusual egress network traffic from the targeted host).

    That’s one of many examples, of course; ultimately, security professionals will need better tools (and possibly, as new APTs emerge, new types of data) that they don’t have today.
