Tuesday, 21 August 2012

9 popular IT security practices that just don't work

The security products and techniques you rely on most aren't keeping you as secure as you think.

When it comes to IT security, FUD (fear, uncertainty, and doubt) is more than just the tool of overhyping vendors hoping to sell their next big thing. It is the reality that seasoned IT security pros live in, thanks in large part to the -- at times gaping -- shortcomings of traditional approaches to securing IT systems and data.

The truth is most common IT security products and techniques don't work as advertised, leaving us far more exposed to malicious code than we know. That's because traditional IT security takes a whack-a-mole approach to threats, leaving us to catch up with the next wave of innovative malware, most of which rolls out in plain view on the Internet.

1: Your antivirus scanner won't uncover real network killers
2: Your firewalls provide little protection
3: Patching is no panacea
4: End-user education earns an F
5: Password strength won't save you
6: Intrusion detection systems can't determine intent
7: PKI is broken
8: Your appliances are an attacker's dream
9: Sandboxes provide straight line to underlying system
