The Benefits of FUD

Wednesday, July 06, 2011

Emmett Jorgensen


Article by Emmett Jorgensen

Ah, FUD. Fear, Uncertainty, and Doubt. Enemy of skeptic IT Pros, ally of marketers everywhere!

But is it really so cut and dry? Why do Infosec Professionals always talk about FUD in a negative light? Granted, some vendors push the FUD aspects of their marketing a bit too much. 

However, personally, I think a little FUD can be a healthy thing. Let me explain my stance.
Most innovations, IT or otherwise, come from necessity. Someone, somewhere (be it a business, or individual) sees a need and attempts to come up with a way to fill that need. It’s part of what makes the world go round.

FUD, whether natural or manufactured, causes a perceived necessity. (Whether that necessity is real or imagined, it doesn’t really matter, the end result is the same). 

Take, for instance, the cold war. The stand-off between the United States and former Soviet Union created an unprecedented level of FUD by our leaders, militaries and scientists. Neither country wanted to lose ground on the other in terms of technology and innovation for fear of losing their advantage should war ever break out. 

Neither country wanted to be runner up in technology and innovation in an effort to prove global superiority. For years, FUD fueled many of the technological advances we enjoy today.

The FUD caused by the cold war led to the development of the Internet, the space race (and by relation satellite communication, moon landing, etc.), stealth technology and nuclear energy to name a few. 

Security vendors and IT professionals are mired in a war of their own; against black hat hackers and criminals attempting to compromise their valuable assets. The difference is this is more of a guerilla war, where the attacker is seldom seen until the damage has already been done.

Regardless of the method, the FUD created by these attacks is driving development of new products and services. Security vendors are developing new products based on a perceived necessity on the part of infosec professionals. If the FUD didn’t already exist to some degree, these products wouldn’t be in production. 

True, marketers are quick to play up the fear associated with these attacks. However, it is simply hyping up an already existing problem. In turn, they will attempt to offer some sort of solution to the issue at hand. The solutions and products are hit or miss, but the point is they are being developed to address real life issues. 

Your job, as an Infosec Professional, is twofold: 

  • First, you have to determine if the problem being hyped is relevant to your organization. 
  • Second, once you have identified a legitimate issue, you must sort through the offerings available and determine which product(s) really solve the security issues you are facing. 

You can be skeptical. In fact you should be to a degree. But do you research.  Call it due diligence.  And remember, just because it’s FUD doesn’t mean that it doesn’t have merits.

Possibly Related Articles:
Security Awareness
Information Security
Marketing Due Diligence Development Information Security FUD vendors
Post Rating I Like this!
Sheila Santos Great article, I enjoyed
willy ben I often fear a lot to do tasks even though i am aware of all these but there is some kind of doubt and uncertainty. Thanks for those valuable and beautiful tips. I think i can cope with it. Keep sharing.
Kim kim Merci. Je suis totalement d'accord. Je veux profiter de la puissance et de la source de ma vie.
akikah tangerang The best way for a merchant to be safe is to consult a QSA after buying the solution . With all of the changes in the payment industry right now, it's better to be safe than sorry.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.