Today’s crowded email security market has become littered with false claims. I can tell you that firsthand—the company I run competes in this crowded arena. (And as such, I have a financial stake in writing this article.)
For a potential buyer, empty promises are incredibly confusing. For a vendor, they’re counterproductive and dishonest: it’s pretty unethical to say your product removes all risk of any existing or future threats.
How did the industry get here? It’s a little more complicated than just too many vendors trying to get heard over all the noise, and it’s entangled in the history of cybersecurity itself. Many of us often wonder if it’s even possible today for companies to tell fact from fiction and make sure they’re investing in the right system features and benefits.
Cybersecurity has grown extremely complex over the last decade. At its earliest, the landscape was ruled by hackers steeped in computer science whose activity was mostly on the offensive side—finding ways around security protocols for street cred. As it evolved, many hackers “went corporate” and refocused their skills defensively to help companies arm their internal systems against malicious attacks. These skills, honed intricately by years of practice and trial-and-error, established the baseline for the entire cybersecurity industry.
On the plus side, a new sense of professionalism has evolved with certifications such as Certified Information Systems Security Professional (CISSP) and CSA. There’s even a course dedicated to certified ethical hacking. None of these programs were available 20 years ago. In addition, more mid-level jobs now exist for cybersecurity professionals, so the role of the chief information security officer (CISO) has become significantly less technical than it once was.
Today, it exists as an amalgamation of a variety of functions, including application security, network security, and physical security. There’s much more on a CISO’s plate and many more security vendors to choose from. Many CISOs also sit on corporate boards and are carefully watched and assessed. With breaches potentially costing millions of dollars, the stakes are high, and vendors converge on stressed-out CISOs unsure of where to turn.
In the past, hackers were highly skilled at cyber breaking and entering—and these proficient hackers became cybersecurity leaders in the private sector.
But today’s hackers are lazy cri