I’m Spartacus

The annual tribute to information insecurity was in full swing when I finally arrived at Infosec, the Information Security Show at London’s Olympia. Security or its absence is visibly big business, because the aisles between the different stands were only slightly less crowded than the platform at Earls Court Station and thanks to Olympia’s glass roof, as comfortable as one might expect from a giant greenhouse, packed with PCs and power cables.

The worst place of all to hide in is the press room because the different security vendors arrive in relays to fill-up the information packs on the display racks along the wall of the room. Every now and then, an enthusiastic PR person will spot one of the weary looking journalists taking a coffee break from the chaos downstairs and will attempt eye contact.

You’re Simon Moores aren’t you, I read your column?”

Damn, I’ve been rumbled but I can’t deny it and my eyes flick desperately towards the only exit but there’s no hope of escape.

“Can I tell you about our new Enterprise security suite that’s launching today”?

How many Enterprise security suites can there be I wonder? The answer of course is there can never be enough and each one promises to be better than its rivals, conjuring up an image in my mind of the final scene in the film, Spartacus.

Which one of you is Spartacus”? You know the answer of course, they’re all Spartacus but the packaging and the price can vary to suit the size of your wallet.

The InfoSec show has been around for a long time but 90% of organizations are still being hacked or trojanised or compromised in one form or another.

One might expect, that if all this stuff really worked, then the Grand Hall at Olympia would be relatively deserted but of course its not. This leaves me wondering if the winner of some imaginary InfoSec competition were given five minutes with a shopping trolley to pick and choose security solutions at will from the hundreds being displayed on the show floor, whether in twelve months, he or she would be able to demonstrate a 100% security record? I doubt it.

But real security, if there is such a thing, involves rather more than bolting a complex Meccano set of point solutions together, leaving narrow gaps which can only be properly closed through an intimate grasp of the configuration issues. Very few people outside of the really large companies have this kind of experience, which of course means that the further down the corporate ladder you look, the less likely it is that the IT Manager, if one exists, is able to close off even 90% of the potential threats facing his network on a daily basis.

This rather explains why the InfoSec show is so popular. People aren’t so much looking for solutions as searching for salvation. Until the time comes that the industry and indeed, Microsoft, can promise security at the flick of a switch, the same audience will keep coming back. Hoping that among the busy stands they’ll one day find a magic box, one that will relieve them of the pain, cost and responsibility of the security burden and give them what they’re looking for, peace of mind in a world of constant and unknown threats.


Popular posts from this blog

Civilisational Data Mining

The Nature of Nurture?