Security firms ‘overstate hackers’ abilities to boost sales’
“Computer security companies have been accused of ‘massively’ exaggerating the abilities of malicious hackers.
Dr Ian Levy, technical director of the UK’s National Cyber Security Centre, made the accusation in a speech.
He said the firms played up hackers’ abilities to help them sell security hardware and services.
Overplaying hackers’ skills let the firms claim only they could defeat attackers, a practice he likened to ‘witchcraft’.
In a keynote speech at the Usenix Enigma security conference, Dr Levy said it was dangerous to listen only to firms that made a living from cybersecurity.
‘We are allowing massively incentivised companies to define the public perception of the problem,’ he is reported as saying.