Cookies help us display personalized product recommendations and ensure you have great shopping experience.

By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
SmartData CollectiveSmartData Collective
  • Analytics
    AnalyticsShow More
    big data and customer service outsourcing
    How Data Analytics Improves Customer Service Outsourcing
    18 Min Read
    How a Specialized Marketing VA Improves Campaign Analytics
    How a Specialized Marketing VA Improves Campaign Analytics
    11 Min Read
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    New Data Analytics Breakthroughs Give eCommerce Startups a Fighting Chance
    6 Min Read
    How Data Analytics Is Reshaping Patient Financing Decisions
    How Data Analytics Is Reshaping Patient Financing Decisions
    13 Min Read
    business using business intelligence
    How to Use a Competitive Intelligence Dashboard to Turn Market Data Into Smarter Marketing Decisions 
    9 Min Read
  • Big Data
  • BI
  • Exclusive
  • IT
  • Marketing
  • Software
Search
© 2008-25 SmartData Collective. All Rights Reserved.
Reading: Are Security Pros Becoming Too Paranoid?
Share
Notification
Font ResizerAa
SmartData CollectiveSmartData Collective
Font ResizerAa
Search
  • About
  • Help
  • Privacy
Follow US
© 2008-23 SmartData Collective. All Rights Reserved.
SmartData Collective > IT > Security > Are Security Pros Becoming Too Paranoid?
Security

Are Security Pros Becoming Too Paranoid?

BryanHalfpap
BryanHalfpap
3 Min Read
SHARE
Paranoia is good when it comes to cyber-security…or is it?

Are we making ourselves paranoid?

Paranoia is good when it comes to cyber-security…or is it?

Are we making ourselves paranoid? Like many computer security professionals, I tend to closely follow technology and security news, even though its often discouraging and depressing.  It is routine to see articles disclosing general information about recent attacks and criminal successes (and sometimes criminal captures).  I suppose that at this point it is fairly common to find “shocking” breaches of trust and security in major corporations or large, widely-used or well-trusted systems.  Even reports of malware infections in drone control centers was met with a certain “well it was only a matter of time” feeling. This cynicism is common amongst those who work in the computer security field, both as reporters and as professionals in some capacity from tier 1 support to penetration testing and CSO’s.  When you’re a cynic, you stop being surprised.

What has started to happen as a blowback from all this security bad press and cynisism is a general feeling of paranoia.  This paranoia, advocated by security pros to general users in order to cut down the rate of infection of users and lessen security risks, is starting to creep into the minds and actions of security personnel.

This is a major problem because overly-paranoid security team members can cause major headaches with overreactions to abnormal conditions.  Like in Illinois with the water pump scare, or with the recent rumours of Iranian spy drone hacking.  While computer security problems have plagued us for years, they aren’t always to blame when something unexpected happens.  It’s important not to alienate users, customers, and the world at large by overreacting or acting before all the information is gathered.

It’s like the boy who cried wolf.  If your security team jumps at nothing all the time, they will not be taken seriously when they need to.

Implement policy to fix announcements of false positives.  A simple series of steps and confirmations should be enough to let you detect, learn about, and defeat intrusions.

  1. Verify with users or other policy that system behaviour is unexpected or unwanted.
  1. Gather information about activities on system.  Running programs, users, log information, communications to other systems, and outbound communications are important to know in order to profile the attack and determine the extent of the damage and action.
  1. Disable/disarm attacker.  Use knowledge gained from step 2 to block attackers when starting remediation/triage.
  1. Perform triage and remediation procedures on affected systems.

You will need to determine for yourself when along that process a security disclosure needs to occur in order to remain compliant with standards and honest with users/customers.

TAGGED:false positives
Share This Article
Facebook Pinterest LinkedIn
Share

Follow us on Facebook

Latest News

big data and customer service outsourcing
How Data Analytics Improves Customer Service Outsourcing
Analytics Exclusive
The End of Unstructured Marketing: Forcing Generative AI into Strict HTML Schemas
The End of Unstructured Marketing: Forcing Generative AI into Strict HTML Schemas
Artificial Intelligence Exclusive
How a Specialized Marketing VA Improves Campaign Analytics
How a Specialized Marketing VA Improves Campaign Analytics
Analytics Exclusive
ai marketing tools
The 9 AI Tools Marketers Use to Create Images and Video in 2026
Artificial Intelligence Exclusive

Stay Connected

1.2KFollowersLike
33.7KFollowersFollow
222FollowersPin

You Might also Like

Reducing False Positives in Customer Screening

4 Min Read

SmartData Collective is one of the largest & trusted community covering technical content about Big Data, BI, Cloud, Analytics, Artificial Intelligence, IoT & more.

data-driven web design
5 Great Tips for Using Data Analytics for Website UX
Big Data
ai chatbot
The Art of Conversation: Enhancing Chatbots with Advanced AI Prompts
Chatbots

Quick Link

  • About
  • Contact
  • Privacy
Follow US
© 2008-26 SmartData Collective. All Rights Reserved.
Welcome Back!

Sign in to your account

Username or Email Address
Password

Lost your password?