Desperate to get through to executives, some cybersecurity vendors are resorting to lies and blackmail (fwd)

[InfoSec News <alerts () infosecnews org>]

https://www.cnbc.com/2019/03/18/heres-how-cybersecurity-vendors-drive-the-hacking-news-cycle.html

By Kate Fazzini
CNBC.com
March 18, 2019

The cybersecurity vendor marketplace is growing so crowded that some companies 
have been resorting to extreme tactics to get security executives on the phone 
to pitch their products, including lying about security emergencies and 
threatening to expose insignificant breaches to the media.

The aggressive tactics come as the cybersecurity market expands dramatically, 
with a "long tail" of thousands of vendors with niche specialties. These sales 
tactics can make it harder for overworked cybersecurity execs to find and stop 
real threats. It can also result in overhyped publicity about breaches and 
hacks that are actually minor, which confuses customers and consumers.

CNBC spoke with four top cybersecurity executives at Fortune 500 finance, 
health care and payments firms about unsavory practices from vendors. These 
executives all said they have been pressured by vendors and researchers who 
claimed — rightly or not — to have found a cybersecurity problem at their 
company. Some hinted at the possibility of negative news coverage if the 
executive did not listen to the vendor’s full pitch.

Complicating the picture, many ethical hackers use their contacts with the 
company to report legitimate problems. One executive complained the noise makes 
it difficult to pinpoint the legitimate reports of infrastructure flaws that 
need to be fixed.

[...]

--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_