Security fear

The tactics of fear

Longform
Image: Stockfresh

23 June 2014

It’s a valid point. Sometimes, the only way to get a response from people is to scare the living daylights out of them. But often, that doesn’t work either. And after a while, it can become counter-productive. Particularly if the warnings become more shrill as a result.

The Y2K bug is a case in point. Liam Halpin, general manager of Dell Ireland, is one of those who believe that the money was well spent in ensuring systems weren’t at risk of the bug. “People say nothing happened but that was because organisations achieved the deadline in upgrading,” he argues. Halpin agrees that a lot of the apocalyptic scenarios that provided the narrative for the perils of the Y2K bug probably weren’t real risks “but they were the ones the media picked up on the most. It’s not very exciting to say ‘if you don’t do this, your sales rep might not turn up to a customer meeting on time’ but it’s still important”.

“A lot of the ‘fear’ is about keeping the infrastructure and software up to date” – Liam Halpin, Dell

But he makes an interesting observation that the looming threat of the Y2K bug deadline helped to focus a lot of minds, even if a lot of the work got pushed into 1999. “A lot of the ‘fear’ is about keeping the infrastructure and software up to date,” he says. A case in point is Windows XP with most large migrations to Windows 7 “either done in the last 12 months or currently being implemented. The next one coming is Windows Server 2003. Again, there are critical services in SMEs, large business and government departments still running on that platform”.

Halpin believes that making customers aware of the potential pitfalls can help to concentrate the mind and get them to focus attention on an issue in time to address it. “If you keep long-fingering making changes, you’re going to end up in a situation where somebody across the table is going to be saying ‘if you don’t do this in the next six months, it’s going to have a serious effect on your business’.”

Fuelling fear
Dermot Hayden of Sophos believes it’s not just the vendors fuelling the fear when it comes to IT security. “A lot of it is the mainstream and IT media picking up on stuff and off the back of that, particularly if it’s a sexy new thing, it gets a lot of airplay. The reality is that sometimes works against the interests of the customers and vendors,” he adds.

How? Well, while sex sells, it doesn’t necessarily sell the right stuff. So media excitement or frenzy over a particular security issue, such as Heartbleed, might get people “focusing on the latest and greatest, but often that isn’t the issue. The issue is the often the basics that people haven’t yet grasped. You could get customers asking about Heartbleed who, at the same time, are securing their wireless using WEP or some other broken standard. More often than not, they haven’t got the basics in place.”

Read More:


Back to Top ↑

TechCentral.ie