CSO Senior Editor Bill Brenner goes to New York and finds the perfect example of what Bruce Schneier calls "security theater." Security luminary Bruce Schneier has described security theater as a series of countermeasures designed to provide the feeling of improved security while doing little or nothing to actually make us safer.I found the perfect example of that last week during a trip to New York for CSO’s forum on PCI security.During some downtime I decided to take a walk around Midtown and wound up at the Empire State Building. I decided to go up to the observation deck, figuring it would be a quick side trip.Inside, I went through a screening line that resembles a TSA airport security checkpoint or the security line one wades through when entering a court building. Fine, I thought. This is just the way it is in the post 9-11 world. This is arguably the best known building in Manhattan and it’s a tempting target for terrorists. From there, however, people are sent through a ridiculous maze on the way to the first elevator. It’s partly designed to guide people to the right places, though it seemed to sow more confusion instead. It also appears designed to slow down anyone who might be looking to cause trouble.Along the way, peddlers stake out parts of the maze and try to sell you things: a hand-held device that tells you where to find certain landmarks below, a fancy map that does the same, etc. This brought two things to mind: First, the security layout may well be a sham designed to slow people down so peddlers can sell them stuff. Second, if it’s genuinely designed for security, it’s all theater and no substance.If anything, the maze creates more of a security risk by throwing obstacles in the way of people who might have to evacuate in an emergency.This space is usually devoted to vendors and PR flaks who try to use FUD to drum up publicity for security products. But the government and owners of places like the Empire State Building also use FUD as a device in their own brand of security theater.By setting up loud security barriers like this, they are doing their part to create an atmosphere of fear, when they are really out to make people feel safe.All I know is this: If a skyscraper is on fire and I need to get out in a hurry, the last thing I want is a big obstacle course in my way on the ground floor.About FUD Watch: Senior Editor Bill Brenner scours the Internet in search of FUD – overhyped security threats that ultimately have little impact on a CSO’s daily routine. The goal: help security decision makers separate the hot air from genuine action items. To point us toward the industry’s most egregious FUD, send an e-mail to bbrenner@cxo.com. Related content news Okta launches Cybersecurity Workforce Development Initiative New philanthropic and educational grants aim to advance inclusive pathways into cybersecurity and technology careers. By Michael Hill Oct 04, 2023 3 mins IT Skills IT Skills IT Skills news New critical AI vulnerabilities in TorchServe put thousands of AI models at risk The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said. By Shweta Sharma Oct 04, 2023 4 mins Vulnerabilities news ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code NCC Group report claims machine learning models show strong promise in detecting novel zero-day attacks. By Michael Hill Oct 04, 2023 3 mins DevSecOps Generative AI Vulnerabilities news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe