cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Caute_cautim
Community Champion

5 Ways You Can Spot A Fake Cybersecurity Expert

Hi All

 

Is there a sure way to detect a fake so called cybersecurity expert?

 

https://www.linkedin.com/pulse/5-ways-you-can-spot-fake-cybersecurity-expert-geoff-hancock-ciso%3Ftr...

 

Assess for yourselves.

 

Regards

 

Caute_Cautim

13 Replies
denbesten
Community Champion

1st way.... if somebody calls themselves an expert.

ericgeater
Community Champion

Confirm with me, Caute, but I think the link has been taken down.

-----------
A claim is as good as its veracity.
denbesten
Community Champion

It fails for me too.

Caute_cautim
Community Champion

No it still exists and works even a few seconds ago
JoePete
Advocate I

Interesting story how the CIO went to the author and said he felt they had been "sold" a faulty bill of goods in the CISO who wasn't up to snuff. Arguably, the issue here isn't the "fake" CISO, it's the fake CIO (and CEO). How far back did they put their company because they hired a C-suite position that they didn't know how to evaluate?

 

You have to have good organizational governance to have the accountability that goes with security. You can't just hire a CISO, give him or her an assistant, and say "here, security is your thing." You're talking about policies and procedures that must be promulgated through every business unit. And those units must be accountable to senior management (i.e., the CEO), who is then accountable to the board. Instead, the corporate mentality has been to just plug in a CISO at the top of the org chart - "Acme, Inc., now with CISO!" In the end, if you don't have a good governance model, you end up bloating your most expensive level of an organization, and you take resources from the lower levels. You end up with corporate constipation because the C-suite turns into one big blockage.

ericgeater
Community Champion

@denbesten and @Caute_cautim , can confirm it works on this PC.  Thanks

-----------
A claim is as good as its veracity.
denbesten
Community Champion

Turns out it gives a deceiving "page not found" error if one is not logged into LinkedIn, as opposed to something more informative, such as "please login".

 

I rarely engage with social media when authenticated and I toss (most) cookies on browser close so as to minimize the ability to meaningfully aggregate data.  Hence the likely reason I stumble into things like this more often.

csjohnng
Community Champion

The link is good to me.

 

Honestly there are many fake "experts".

 

I have attended many conferences or event as a presenter and/or panelist.

During panel discussions, I often found the discussions with some panelists are really shadow, sometimes non related to the topic or they actually has 0 experience on the panel topic.

I respect different opinion but you know the different between a valid viewpoint/perspective and a BS.

 

And more and more, I decided to ask the organizer that who are invited the same panel discussion before I commit myself or I will avoid panelist discussion with those so call security (or cybersecurity) experts and I don't claim any experts myself.

 

And I don't know this is good or bad, I stop wasting my time on those conferences and spend less time on those.

John
JoePete
Advocate I


@csjohnng wrote:

 

I have attended many conferences or event as a presenter and/or panelist.

During panel discussions, I often found the discussions with some panelists are really shadow, sometimes non related to the topic or they actually has 0 experience on the panel topic.

I respect different opinion but you know the different between a valid viewpoint/perspective and a BS.


You also have to look at who is putting on the conference, which can be another "fake" in this industry. There are some good security groups who put on cons. Then there are a lot of conference groups who try to do security. The people they get to talk are some product manager who markets their product, which more often than not runs the spectrum of superfluous to snakeoil.

 

I've seen good talks from people with very limited security credentials. The key is they stick to their specific expertise and don't pretend to be something they're not. A lot of this job is looking at something from a different viewpoint and pulling on a range of other skill sets.