{"id":49841,"date":"2016-05-24T11:20:54","date_gmt":"2016-05-24T18:20:54","guid":{"rendered":"https:\/\/blogs.mcafee.com\/?p=49841"},"modified":"2025-06-08T19:55:07","modified_gmt":"2025-06-09T02:55:07","slug":"which-cybersecurity-data-should-you-trust","status":"publish","type":"post","link":"https:\/\/www.mcafee.com\/blogs\/other-blogs\/mcafee-labs\/which-cybersecurity-data-should-you-trust\/","title":{"rendered":"Which Cybersecurity Data Should You Trust?"},"content":{"rendered":"

Limitations of security data
\n<\/strong><\/h2>\n

We are constantly battered\u00a0by cybersecurity data, reports, and marketing collateral\u2014and we shouldn’t treat all of this information equally. Security data has inherent limitations and biases, which result in varying value and relevance in how it should be applied.\u00a0It is important to understand which data is significant and how best to allow it to influence your decisions.<\/p>\n

A\u00a0tsunami of security metrics, reports, analyses, blogs, papers, and articles vie for our attention.\u00a0Sources range from reporters, researchers, professional security teams, consultants, dedicated marketing groups, and even security-operations people who are adding data, figures, and opinions to the cauldron.\u00a0We are flooded with data and opinions.<\/p>\n

It was not always this way. More than a decade ago, we lived in\u00a0an information desert, where even speculations were rare.\u00a0Making decisions driven by data has always been a good practice. Years ago, many advocates were working hard to convince the industry to share information.\u00a0Even a drop is better than none. Most groups that were capturing metrics were too frightened or embarrassed to share. Data was kept secret by everyone while decision makers were clamoring for security insights based upon industry numbers, which simply were not available.<\/p>\n

The impact of data secrecy
\n<\/strong><\/h2>\n

In the past, fear, uncertainty, and doubt ruled.\u00a0People expected the worst and unscrupulous security marketing advocates took advantage, fanning the flames to sell products and snake oil.\u00a0Those were dark times, promulgated with outlandish claims of easily eradicating cyber threats with their software or appliance products.\u00a0The market was riddled with magic boxes, silver-bullet software, and turnkey solutions to easily fix all security woes.\u00a0I can remember countless salespeople asserting \u201cwe solve security\u201d (at which point I stopped listening or kicked them out).\u00a0The concept of flipping a switch to make all the complex problems of computing security forever go away was what uninformed organizations wanted to hear, but that was simply unrealistic. Why customers chose to believe such nonsense (when the problem and the effectiveness of potential solutions could not be quantified) is beyond me, but many did.\u00a0Trust in the security solutions industry was lost for a time.<\/p>\n

Slowly, a trickle of informative sources began to produce reports and publish data.\u00a0Such initiatives gained momentum, with others joining to share in limited amounts. This was the\u00a0turning point.\u00a0Armed with data and critical thinking, clarity and common sense began to take root. The transition was not perfect or quick, but the introduction of data from credible sources empowered security organizations to better understand the challenge and effectively maneuver against threats.<\/p>\n

As the size of the market and competition grew, additional viewpoints joined the fray.\u00a0Today, we are bombarded by all manner of cybersecurity information. Some are credible, while others are not. There are several types of data being presented, ranging from speculations to hard research.\u00a0Being well informed is extremely valuable to decision makers. Now, the problem is figuring out how to filter and organize the data so that we are not misled.<\/p>\n

As part of my role as a cybersecurity strategist, I both publish information to the community and consume vast amounts of industry data.\u00a0To manage the burden and avoid the risks of believing less-than-trustworthy information, I have created a quick guide to help structure the process. It is burned into my mind as a set of filters and rules, and\u00a0I have committed it to paper\/screen to share.<\/p>\n

I categorize data into four buckets.\u00a0These are\u00a0speculation, survey, actuarial, <\/em>and research.\u00a0<\/em>Each has its pros and cons.\u00a0The key to managing security data overload is to understand the limitations of each category, its respective value and its recommended usage.<\/p>\n

For example, survey data is the most unreliable, but does have value in helping us understand the fears and perceptions of the respondent community.\u00a0Research data is normally very accurate but notoriously narrow in scope and may be late to the game. One of my favorites is actuarial data. I am a pragmatic guy.\u00a0 I want to know what is actually happening so I can make my own conclusions. But there are limitations to actuarial data as well. It tends to be very limited in size and scope, so you can\u2019t look too far into it. It is a reflection of the past, which may not align to the future.<\/p>\n

I hear lots of complaints and criticisms regarding the validity, scope, intent, and usage of data. I have my favorites and those that\u00a0I refuse to even read. Security data is notoriously difficult. There are so many limitations and biases, it is far easier to point out problems\u00a0than to see the diamonds in the rough. But data can be valuable if filtered, corrected for bias, and the limitations are known. Don\u2019t go in blind. Apply common sense. Follow a consistent method and structure to avoid pitfalls and maximize the data available to help you manage and maintain an optimal level of security.<\/p>\n

The following are a few examples, in my opinion, of credible cybersecurity data across the spectrum of categories. Keep in mind the limitations of each group and don\u2019t make the mistake of using the information improperly! Look to speculation for the best opinions, survey for the pulse of industry perceptions, actuarial for real events, and research for deep analysis:<\/p>\n

\u00a0<\/strong>Speculation<\/strong><\/h2>\n