Getting Real with Cybersecurity: Time to Cut Through the Noise
There’s a lot of noise in the cybersecurity world these days, and a good chunk of it seems to be aimed at vendor bashing. The latest hot topic? Vendors are too busy trying to create silver bullets instead of delivering the quality, well-tested platforms we all need. And let’s be honest—it’s hard to argue with that, especially when you look at recent missteps by industry giants like CrowdStrike. But before we get too comfortable throwing stones, let’s take a closer look at what’s really going on here.
The truth is, we’re all guilty of pointing fingers at vendors for the state of cybersecurity today. Yet, many vendors are quick to claim innocence, pretending their hands are clean. The reality? Managing the security of an organization or government infrastructure is a complex, grueling task that spans people, processes, and technology. It’s not just hard work—it’s relentless. And here’s the kicker: without solid, well-integrated technology platforms in a state of continuous improvement, most of us CISOs would be dead in the water.
Sure, it’s easy to romanticize the “good old days” of cybersecurity—when logs were hand-analyzed, threat intelligence was manually curated, and every incident was met with a painstaking, old-school approach. But let’s be real for a moment. If we were to revert to those methods, we’d need an army of analysts. And guess what? The money-meisters would never sign off on the budget for that.
So, here I am, going out on a limb and suggesting something that might ruffle a few feathers. All those consultants, vendors, and journalists preaching that we need to “get back to basics” in the same way that vegans suggest we all ditch our cars and start eating kale can eat my shorts. We don’t need to throw out technology and start over; what we need is a reality check.
Technology vendors need to be held accountable, but let’s not pretend that the answer lies in some rose-tinted view of the past. Good CISOs—real CISOs—aren’t baffled by the BS. We know how to sift through the fluff on the sales brochures and get to the nuggets of value hidden underneath. That’s why we get paid the big bucks. Our job isn’t just about keeping up with the latest buzzwords or playing along with vendor hype; it’s about knowing what works and what doesn’t.
And you know what? It’s time we all started calling it like we see it. Let’s stop glorifying vendors, but let’s also stop glorifying outdated, outmoded ways of working. The constant disclaimers of “this post is sponsored by vendor X” are getting old. We need a middle ground—where we can honestly discuss the tools that are making a difference and the ones that are just wasting our time.
So, who’s with me? Let’s reset the pendulum back to the middle. It’s time to get real about cybersecurity, and it’s time to start demanding more from both our vendors and ourselves. No more excuses, no more finger-pointing—just straight talk and real solutions.
Who’s ready to step up?
6mo: ‘All those consultants, vendors, and journalists preaching that we need to “get back to basics” in the same way that vegans suggest we all ditch our cars and start eating kale can eat my shorts.’ This is gold 😂. Vegan shorts…I’d assume? 😊