https://www.cnbc.com/2019/03/18/heres-how-cybersecurity-vendors-drive-the-hacking-news-cycle.html
By Kate Fazzini
CNBC.com
March 18, 2019
The cybersecurity vendor marketplace is growing so crowded that some companies
have been resorting to extreme tactics to get security executives on the phone
to pitch their products, including lying about security emergencies and
threatening to expose insignificant breaches to the media.
The aggressive tactics come as the cybersecurity market expands dramatically,
with a "long tail" of thousands of vendors with niche specialties. These sales
tactics can make it harder for overworked cybersecurity execs to find and stop
real threats. It can also result in overhyped publicity about breaches and
hacks that are actually minor, which confuses customers and consumers.
CNBC spoke with four top cybersecurity executives at Fortune 500 finance,
health care and payments firms about unsavory practices from vendors. These
executives all said they have been pressured by vendors and researchers who
claimed — rightly or not — to have found a cybersecurity problem at their
company. Some hinted at the possibility of negative news coverage if the
executive did not listen to the vendor’s full pitch.
Complicating the picture, many ethical hackers use their contacts with the
company to report legitimate problems. One executive complained the noise makes
it difficult to pinpoint the legitimate reports of infrastructure flaws that
need to be fixed.
[...]
--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
