Is the security community selling fear?
Robert Siciliano Identity Theft Expert
Cyber crime profits are running into the trillions.
Weekly, and often daily, I remind readers of how potentially screwed they are once they boot up their PCs and access the Internet. Identity theft is a real problem that messes up people’s lives. When someone’s PC is hacked and their passwords are compromised, account takeover can be financially devastating. Even though a financial institution may resolve the errors, victims still lose money.
Most are beginning to realize that the only secure PC is one that is powered off.
Many view these rants as selling “FUD”: fear, uncertainty and doubt. And selling fear is what gets people to buy your security product. Many have accused the Internet security companies of being fear mongers peddling their wares during the Conficker scare.
Fear-based selling has been going on since the beginning of time and will always be a part of the sales cycle. But am I really selling fear? Do those I work with sell fear? I don’t think so. But feel free to disagree with me.
The fact remains that there are scumbags out there, trying to figure out how to get you to part with your money in thousands of different ways, every day, all day. And if reminding readers of all these scams and then selling a solution to the problem is selling fear, then so be it. The question is, is the fear real or made up? Is there a legitimate scare that needs to be brought to light, and a solution that will fix it? Or is this just selling snake oil and false promises, and taking advantage of people?
Information Week states, “The computer security industry has failed computer users, and the Internet has become so unsafe that average users can’t protect themselves.” The Internet is not a safe place for everyday folk. The online world is like Iraq and Afghanistan (dangerous), the Taliban (criminals) are everywhere. Most people do not have the capacity to secure their networks or the technical know-how to surf safely. Studies show that 40% of web surfers haven’t updated their browser’s security, or their Windows-based computers don’t have their critical security patches updated.
The threats are real. The Washington Post reports that Senate lawmakers are advancing legislation to create mandatory computer security standards for government and private sector operators of critical infrastructure. This is legislation that will force standards in security, ensuring that we keep the lights on, the fields plowed, the water clean, and the engines running.
If there was ever a time to be “fearful” and to make an investment in identity theft protection, Internet security software such as McAfee, or any other protective hardware or software as a result, now is that time.
Robert Siciliano Identity Theft Speaker discussing online security here
I’m excited to work with uni-ball in 2009 in a partnership to help raise awareness about the growing threat of identity theft and provide tips for protecting yourself. Check out uniball-na.com for more information.