5 Discredited Terms in Cybersecurity
For a long time, the information security has been a closed issue of military officers and scientists, and for ordinary person the situation has not changed. Vendors cultivate their “selectness”, intimidate non-specialists of growing non-countering threats. But even in such “muddled” subject, there are champions in “muddiness”. A variety of terms discredited due to their fuzziness, uncertainty and questionable usability, including those 5:
- SOC — this term is used in a dozen of meanings, from “Incident management process automation” to similar term SIEM, and each new meaning causes confusion of how useful SOC is for a certain organization.
- Information risk management\assesment — this term approved itself as a sorcery. The most skillful sorcerers are able to jump around the fire so prettily that business agrees with their assessments. The less skillful sorcerers do not understand why nothing works out and the result is not reproduced.
- Cybersecurity audit — we can call anything as “audit” — from simple network scanning (using nmap) to comprehensive assesment of security posture in a global organization with drawing up comprehensive recommendations.
- Application security — vendors of code analysis tools actively promote “application security = code analysis” equation. But correct code does not save from errors in role model design or absence of access certification.
- Best practices — every second vendor deems it duty to publish some “best practices”. Why are they the best, who uses them and what are results of their implementation?
Among future candidates for “champion”, the term “security analytics” is such a versatile term, that Gartner even published a separate whitepaper about it. The main problem is that cybersecurity changes so fast, that no standard keeps pace with it. Probably, each organization should choose preferred set of international practices (for example, CoblT) and use its terminology across cybersecurity sphere.