The need for truthful and honest product disclosure in IT Security

It is high time security companies provide truthful and honest disclosure of what threats a given product can and cannot protect against. (IMG:J.Anderson)

The exponential rise in cyber- attacks and the seemingly lock-step proliferation of security products to safeguard against said attacks seem to have created an unintelligible quagmire for consumers of IT security products. Simply put, consumers have to wade through marketing propaganda and techno-speak in their quest for some form of reasonable assurance of a safe, private internet experience.

It is high time that IT security companies provide transparent truthful and honest ‘Plain English’ disclosure of what threats a given product can and cannot protect against.

Everyone knows that problems and issues inevitably do occur, but how transparent organizations are in dealing with these bad tidings has a material impact on people’s perceptions of the trustworthiness of an organization, person or product. Most people would agree that transparency is required in nearly every aspect of our lives whether at work, in relationships or with companies we give our money to.

Transparency earns trust and loyalty and people have come not only to respect, but also to expect transparency. Transparency is something that is not just clearly, explicitly and comprehensively described by the author, but also that it is done so in a manner that the reader or recipient can understand. In the context of the consumers of IT security, the veracity or efficacy of any solution should be easily discernible and/or recognizable or obvious to an average person. But transparency is a high hurdle and consumers don’t always receive it, particularly in our view when they’re spending hard earned money on products to protect themselves online. 

We acknowledge that IT security is a complex intellectual arena, but other equally complex areas seem to have developed methods of encapsulating the essence of the core attributes of solutions in an easily digestible fashion. For example, the number of pixels for digital cameras and CPU speeds for computers are used to set expectations about the performance of electronic goods.

However in IT security, the only thing that is discernible is the woeful inadequacy of current Internet security industry product’s ability to thwart the ever growing cyber threats and attacks. Just about every internet security solution claims to be anti-malware or anti-phishing but what the heck does that really mean? In truth, not much it seems, for product claims of being anti-phishing or malware are about as effective in stopping these actual attacks as anti-war sentiments are in stopping wars.

Truth, in the context of security software involves first informing consumers in plain English, about the actual threats to security and privacy a given solution can actually thwart. Obtuse language saying your product is anti-something is truthful, but not a very explicit or easy to neither understand statement, nor can one readily and explicitly assess efficacy.

Moreover, it seems that IT security vendors seem to thrive on the one hand on espousing non-security metrics (our product runs the fastest of all other really slow products in our class) and on the other to imbue their solution with convincing sounding techno-speak that is unintelligible to even technically savvy readers.

On this point we would note that the mere exposition of the whiz-bang way in which something was done has very little to do with actual results Some of the biggest names in Internet and IT security products seem to routinely engage in these types of activities which obviously don’t serve the needs of users.

Honest disclosure is a much higher hurdle, as it requires noting the known and conceptually known threats that a given solution cannot effectively address. We at FN adamantly believe that the onus should be on security vendors to be honest about what their products can actually accomplish in regard to thwarting both real as well as conceptual threats.

Vendors need to be aware, or dare we say it, even “required” via regulation or any other suitable means to provide transparently honest disclosure, especially when it involves the protection of highly sensitive personally identifiable information and data, such as passwords, bank information and important files or content, such as intellectual property.

In short, we believe that the IT security industry has lost its focus on the critical inch of its purpose, namely to protect users and their data and instead has focused too much time, energy and attention on matters related to compliance as well as internal/input driven activities of questionable merit, like OS patching, which are at best very weak proxies for actual security results.

In our view, the lack of clear, transparent, truthful and honest disclosure is one of the leading causes for the sorry state of cyber insecurity today.  Vendors owe consumers the truth in plain English to help them ascertain the scope and limitations of certain products and solutions in order to create a set of easily understood comparable facts upon which consumers can make informed decisions.

Until then, caveat emptor!

[This article was written by Dave Lowenstein, the CEO of Federated Networks. The Tech Herald welcomes submitted content from vendors, as long as they remain product neutral. All submissions are subject to editing. Rebuttals to this article or other submissions can be delivered to [email protected] for consideration.]

Like this article? Please share on Facebook and give The Tech Herald a Like too!

From our Other Sites

Awesome Stuff Made Out Of Car Parts

An awesome picture has started doing the rounds showing a bathroom with sinks made out of car tires and faucets created from gas pumps. It’s the ideal bathroom for any discerning car nut. That got us thinking — what other stuff is there made out of car parts and car paraphernalia. Here are some of the coolest […]

Range Rover Evoque Convertible Confirmed

Land Rover has officially confirmed that the Range Rover Evoque Convertible will go on sale in 2016. The company released some publicity photos showing a prototype of the Evoque Convertible driving through train tunnels under construction in London. The company says use of the Crossrail tunnels let them test the convertible in privacy. A Land […]

Mercedes-AMG GT3 Racing Car to Debut at Geneva Motor Show

The company says the standard Mercedes-AMG GT already provides the ideal base for the race model, with low centre of gravity, good weight distribution and wide track width.The driver sits on a carbon-fibre seat pan and is protected by a roll-over cage made from high-tensile steel.The engine cover, doors, front wing, sidewalls, side skirts, diffuser, […]

Lamborghini Aventador Wallpaper

Lamborghini Aventador wallpaper for your desktop or mobile device. Each image links to a page with multiple sizes of wallpaper you can download.

Man Makes Tiny Edible Pancakes with Tiny Kitchen Tools (Video)

This Japanese guy cooks up some pancakes…nothing special there right? Well he uses tiny implements to do it and makes perfect little pancakes. Kinda cool and they look tasty!

What Color is this Dress?

White and Gold or Blue and Black?
Well this one has been trending all over the web, just what color is this dress? It all started in Scotland when the mother of a bride-to-be sent a picture to her daughter asking what she thought of the dress. The bride and groom each saw the image differently, this then got posted online and picked up by some viral sites. The lighting in the photo is probably causing different people to see it as either white and gold or blue and black. Prof Stephen Westland, chair of color science and technology at a university in the UK told the BBC that it was impossible to see what other people see but that it […]

McLaren 675LT Pictures

Some great shots of the forthcoming McLaren 675LT. This coupe will get you to 60mph in less than 2.9 second and go all the way to 205mph.

McLaren 675LT Details

McLaren’s 675LT will debut at this year’s Geneva show and promises some eye-popping performance. The coupe only 675LT has a 3.8 liter V8 that will get you from 0-60mph in less than 2.9 seconds and to 124mph in less than 7.9 secondsMore than a third of the parts have been changed compared with its stable mate […]

McLaren 675LT Wallpaper

Some cool McLaren 675LT Wallpaper. The McLaren 675LT is the latest coupe to come from the supercar maker and has a top speed of 205mph.Click on an image to open a page with multiple sizes that you can download to use as wallpaper for your mobile or desktop.More McLaren Wallpaper.

Octopus hunts on land, grabs crab (Video)

This crab is minding its own business searching the rock pools for food when suddenly an octopus leaps out of the water and grabs it. The amazing thing is that the octopus does not just jump on the crab it actually pulls it all the way back to the rock pool it came from. If you check the second video you will see it is not unknown for octopus to come out of the water and the one in the second video has a crab with it, though is not hunting one! Octopus Walks on Land at Fitzgerald Marine Reserve The video was taken by Porsche Indrisie in Yallingup, Western […]