Security Technology Executive

MAY-JUN 2018

Issue link: https://securitytechnologyexecutive.epubxp.com/i/994589

Contents of this Issue

Navigation

Page 49 of 79

COOL AS McCUMBER By John McCumber John McCumber is a securit y and risk professional, and author of "Assessing and Managing Securit y Risk in IT Systems: A Struct ured Methodology," from A uerbach Publications. If you have a comment or question for him, e-mail Cool _ as _ McCumber@ cygnusb2b.com. Interested in My Cybersecurity Insights? B ack about eighteen years ago, a popular cybersecurity group started a website that contained a list of industry charla- tans, plagiarizers, and sundry technol- ogy scammers. Our profession has been fertile ground for these grifters for many years, and capturing their faces and misdeeds has been a steady job. Many people have decided to take short- cuts to fame and fortune, and are usually eventu- ally called out. Plagiarism alone could rack up pages of guilty par- ties I know. As an author, technologist, and academi- cian for nearly thirty years, I have had my numerous run-ins with plagiarism. My favorite was a gradu- ate student who plagiarized my own textbook in a report. I am not sure what they were thinking. I once was walking through a government office and saw a framed picture of one of my copyrighted works on the wall. A major U.S. airline also tweeted out some of my material as their own. I certainly don't expect compensation, but I do expect appropriate attribution, so my response has always been to politely ask them to at least give me my due as an author. Just last week, we had cybersecurity thought-leader and expert unmasked as a fraud. I had just recently learned of him through my government circles. He was a co-founder of what he and his partner called a "think tank". Apparently, setting up this business it was a good decision for them because they raised hundreds of thousands of dollars from the informa- tion security vendor community to boost the vendor companies' marketing signal to politicians and high- dollar consultants. The "think tank" hosted lavish black-tie galas and events at swanky hotels in the DC area, featuring retired senior military officers and high-ranking gov- ernment officials. It is likely a few top speakers were paid for a presentation by the "think tank", and once they were on the docket, the locals lined up to pay for the opportunity to hobnob with the Big Names. These guys knew how to work the system. That's before the one co-founder (a self-described genius) had a chance online interaction with a reporter. Once a journalist started digging into this "expert's" background, he found someone with a very shady business background who had simply changed his name and decided to make the jump to cybersecurity. Now, many people have made career changes, so what makes this guy such a charlatan? It appears he wrote many articles and a couple of self-published books. You can debate how much time and effort you need to become an "expert", but this guy's rise was meteoric. The journalist uncovered a web of Twitter bots and self-promotional materials all orchestrated by this per- son to amplify his presence in the industry. He used this network to pose as other professionals who would heap praise on him for his genius, insight, and massive intellect. It was all faked. Like nearly everyone who tries this scam, his hubris and self-promotion got out of control. He was introduced by his partner as a man who had written not a couple, but FIFTY books, and HUNDREDS of articles on cybersecurity. He professed to actively con- sult for NATO, NSA, and MI6. It was a few half-truths and a whole lot of lies with just enough of a façade to make it look legitimate. You must hand it to them for picking a profession where no one really vetted their claims until a chance encounter with someone on the internet. We need to all make a better effort to look beyond the self-promotion and hyperbole. There is a lot of serious work we need to do. We can start by shunning people like this. Request information: www.SecurityInfoWatch.com/10300750 WE CONNECT WHY JOIN SECURITY PROFESSIONALS The security industry's largest database for consultants, A&E's, manufacturers and integrators. Consultants and Engineers Enhance your visibility, search products, find integrators, and access valuable design resources. Integrators, Owners and End-Users Find projects and consultants in your area, and gain insight into the capabiliঞes of firms and individuals. Manufacturers Promote and feature your soluঞons, search the extensive database, and reach security consultants. www.securityspecifiers.com 50 SECURIT Y TECHNOLOGY E XECUTIVE • May/June 2018 • www. SecurityInfoWatch.com

Articles in this issue

Links on this page

Archives of this issue

view archives of Security Technology Executive - MAY-JUN 2018