The most insightful Slashdot post I've ever read

Slashdot member "Anonymous Coward" may be "anonymous," but he is no "coward."This is a brave individual.

Slashdot member "Anonymous Coward" may be "anonymous," but he is no "coward."

This is a brave individual. Why? Because this IT security veteran has the guts to say what most security people - IT or not, don't have the guts, personality makeup, permission, or sense of mission to proclaim:

That, as Gartner said last week about VoIP - but with wide-ranging applications that transcend  tech - most security "threats"are overhyped.

This is true about supposed gremlins who we were warned about in Orange Alerts, or now in tech alerts. They are there, but the risk of attack is statistically slight. But if the security folks don't warn on occasion, they don't justify their jobs.

Anonymous Coward has it right.

With light editing and a couple of spelling corrections, I yield this space to thee, AC:

"There is much truth to what Gartner is saying. I have worked in the IT security arena now for almost 5 years and I have noticed this very thing. Security companies, almost without exception, hype the threats to sell their wares. They sell wolf tickets at extremely high prices when 98% of all threats can be mitigated by using good processes and common sense. 

"SECURITY IS A PROCESS, NOT A PRODUCT. Until people get this mantra embedded in their thick skulls, they will continue to be duped by security vendors and their own fears.

"Common sense is, unfortunately, not that common. Defense in depth security measures can be achieved without spending a lot of money. BUT... your best security is useless if the people behind it are lacking in common sense."