RE: https://infosec.exchange/@cR0w/116692776221622923

Last year I said this, and it's still true.

"If there's one thing I've learned about covering cybersecurity over the past decade or so, is that the cybersecurity community (the fixers and breakers) and the cybersecurity industry (profits above all else) are two very, very different things."

@zackwhittaker companies are not charities
@bartenational ...your point?
@rancoisse I am not sure by your post what I can do about any of that
@rancoisse any "security" I have been exposed to turns out to be a scam
@zackwhittaker That is every industry in tech. I've been in gaming and oh boy is the difference stark and gross.
the truest thing i've heard so far this year!!! i spent a few years in the cybersecurity industry and hated every minute of it... buncha soulless grindstone-crankers, y'know? it was sooooo soul-sucking and i eventually completely ditched my hopes and dreams of defending someone else's computers and gave 'em a massive F-you when i started running an ancient mainframe out on the internet to prove to my old coworkers that it was doable (after they said it wasn't)

@zackwhittaker And executives are easily duped by the cybersecurity industry’s multi-layer profit making system. Consultants, research orgs, distributors and resellers, etc. Plus they are more easily influenced by product conglomerates like “We are a Palo shop”.

I’m also seeing so much “tool focus” as in we need an ABC tool to fix this when the fundamentals around that problem aren’t even being done well. The LLM craze has made it even worse.

People -> Process -> Technology

Execs have gotten so hung up on their insane belief that people are replaceable cogs that they don’t understand that technology won’t fix your cybersecurity problems unless good People are building good Process and good Technology configurations. Buying a new shiny doesn’t magically make cyber better.