Vendors serving the InfoSec market are quick to sling buzzwords and jargon, but do the terms used accurately reflect their product's abilities? Sometimes the marketing is correct, but most of the time the pitches are full of FUD and sensationalized with hype.
Earlier this month, security vendors from all over the globe flooded Las Vegas to showcase their products and meet with potential buyers during Black Hat. Like the RSA conference, which is held at the start of the year, vendors spend a good deal of money and time getting out to Las Vegas in order to attend the business side of what's affectionately called hacker summer camp.
The buzzword with the most attention this year during Black Hat was (in our opinion) security analytics (SA), something that's gained a good deal of attention over the last few years. It seems like everyone wants SA products, and vendors are tripping over themselves to claim a piece of the pie. However, a Forrester report published in May says that marketing hype and misunderstandings have confused the SA market.
Essentially, the saturation of buzzwords and hype concerning what is and isn't security analytics has made it difficult for business leaders to make informed decisions.
"There's this sort of love in attaching yourself to the next big buzzword. I think we need to stop that," Feris Rifai, the CEO and co-founder at Bay Dynamics said, discussing the inundation of buzzwords and marketing in the space.
"We need to put this sort of plain English rule in place. Say what you're doing, and if you're truly solving a problem, state how you're solving that problem."
Security analytics exists primarily to offer some centralized visibility across the whole environment, which is then supposed to aid in speeding up detection and resolution. Earlier this year, during the RSA conference in San Francisco, 147 vendors claimed to have security analytics solutions. While most certainly had a security analytics component, the majority were just hoping to cash-in on the halo effect of the term.
"Like so many terms, vendors have used the term SA somewhat recklessly, creating confusion in the market," the Forrester report explained.
"SA platforms must provide visibility to the entire environment, not just users," the report adds, which excludes vendors that attempt to push user analytics products as an entire platform.
"Many security products such as Arbor Networks and Cylance use machine learning and behavioral analytics for threat detection. Using analytics techniques doesn’t make the product an SA platform, and it’s not appropriate to compare the products."
The security analytics market isn't the only place where oversaturation has caused confusion. Threat Intelligence is another term that has been abused. Everyone claims to be a threat intelligence vendor on some level, but that just isn't true. Worse, the saturation of the term threat intelligence has actually caused it to lose value in some circles. Salted Hash actually addressed the FUD and sensationalism during the RSA conference this year.
Yet, there’s a reason the InfoSec terms are so hyped and why buzzwords are a thing.
"At the end of the day you want your name associated with something that a potential buyer will Google. At the same time, when you rely on buzzwords that everyone else is using, you get lost in the crowd," explained Abby Ross, Director of Public Relations at Bay Dynamics.
So does the use of buzzwords and hyped marketing help? In some cases, not really. Most business leaders ignore the hype. But unfortunately, not everyone does this.
"We are often in discussions with security vendors for a myriad of offerings. As the third largest communications provider in the U.S., we get solicitations quite often. The pitches themselves don’t determine our strategy for cyber but our deep network throughout the industry certainly helps us stay abreast of market developments," explained Dave Mahon, CSO for CenturyLink, a telecommunications company headquartered in Monroe, Louisiana.
"We also have a very strong bench of security experts at CenturyLink who are active in the cyber community. We do see a lot of overstated vendor claims, and our best advice to vendors is to provide your most technical presentation at the first meeting and dispense with the marketing material."