More pernicious every day
Infosec - the discipline, not the show - is a small space, and in the last few years there's been such an explosion of integrators, resellers, service providers, vendors et al, that they are - of course - resorting to FUD of the first order to try and gain their foothold. This much we should expect.
What Johnny Schmoe, Manager® doesn't seem to hold on to is that much can be achieved by simply having a decent set of policies and practices, and getting a good technical security mind in at the start of most projects. Good security is about keeping your house in order, first and foremost. By doing this with some support from the top of the org chart, companies of all sizes can make leaps and bounds towards assuring the safety of their information.
But common sense isn't as sexy or eye-catching as "peer-to-peer viral hacker squad", which means that the culture of "don't fix it, be lazy and buy our £200k secure appliance to remediate risk instead" gets perpetuated instead.
Biting the hand that feeds IT
