You are here: Blog Josh Coppage What’s the Difference Between a Power Strip and a Surge Protector?

Voyage Tech Blogs

Voyage Technology has been serving the Beaver Dam area since 1999, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.
Font size: +
Print

Avoiding Cybersecurity Placebos in Your Business

Voyage Technology Blog Security
0 Comments
Avoiding Cybersecurity Placebos in Your Business

When it comes to your business, especially its technology, some of the buzzwords you hear floating around can be pretty convincing, almost intoxicating. Unfortunately, like most buzzwords, many of these are aggrandized beyond their worth to the average small-to-medium-sized business. Let’s take a look at how this can impact a business’ perception of its cybersecurity, as well as dig into the reality behind these terms.

To begin, let’s examine a phrase coined in the early 2000s by cybersecurity technologist Bruce Schneier: “security theater.”

What is “Security Theater?”

Security theater is a simple shorthand for any security efforts put in place that do little to better ensure one’s security, despite making one much more comfortable, generally for some considerable cost. The idea behind it is that security exists as both a reality based in math and science, and as a perception that is based in emotion.

In a 2007 blog article, Schneier cited a personal anecdote where a friend’s newborn was fitted with an RFID tag to help prevent infant abduction during their stay in the maternity ward. However, the rates of infant abduction were astoundingly low at that point. In his blog post, Schneier posits that these bracelets were a form of security theater, meant more to placate the parents when their bundle of joy was out of sight than it was to help prevent the rare case of infant abduction.

While security theater may have perceived benefits, Schneier says, the true concerns come with the costs that are associated with it.

Let’s return to his example of the tracking tags on newborns. With such a low rate of infant abduction, there was realistically little-to-no practical risk of someone’s child being abducted from the hospital. However, as the low-cost RFID bracelets allowed parents to breathe a little easier when their baby wasn’t in the room with them, hospitals found this investment to be worthwhile. Another example that Schneier gives is the introduction of tamper-resistant packaging on over-the-counter drugs in the 1980s. With poisonings getting some significant coverage by the press in this era, the idea that medications would be tampered with was relieved.

It didn’t matter that the statistical likelihood of a drug being altered was negligible, or even that the tamper-resistant packaging wasn’t all that effective anyways. The theater of the tamper-resistant packaging that companies would use helped align the perceived threat with the practical odds.

The Trade-Offs

However, there is a point at which security theater can become detrimental: when the investment (real or perceived) into your security is generating negative returns—or in other words, when your security measures are actually making you less secure. One glaring example from recent years is the 2013 hack into Target, where numerous security teams dropped the ball as numerous failsafe notifications and procedures were ignored. Let’s go into how you might be “overacting,” so to speak, when it comes to some of the security theater you have in your office.

Excessive Password Updates

Forcing your employees to update their passwords each month has long been established as a counterproductive security measure, as this will only encourage them to adopt other behaviors that will directly undermine your resiliency. Perhaps these passwords will become embarrassingly predictable, or your users will resort to writing them down somewhere to keep track of them all. Instead, use other methods of reinforcing your business security, such as multi-factor authentication (MFA) or single sign-on solutions, paired with a more moderate password policy.

That said, we’re not advocating never changing passwords, but the bad habits it causes are much worse than what mandatory password changes do for the greater good.

Alert Overload

A never-ending barrage of security notifications can have a few negative repercussions on your users. Naturally, their workflows will suffer from consistent interruptions, but there is also the fact that these notifications will eventually be tuned out. As a result, if a real issue does eventually present itself, it is more likely to be ignored. An MSP’s services can help to separate the wheat from the chaff, preventing your users from encountering interruption in most cases.

Lacking User Awareness

Think back for a second: when you last had a cybersecurity training session for your users, what was the general format? Was it primarily a lecture, or were your employees involved and engaged in the process? When was your last training initiative? Many companies figure that these seminar-style sessions serve their purpose, but the more effective means of instilling good cybersecurity training is through shorter, more frequent, and (most importantly) more interactive efforts.

Voyage Technology has the tools and resources that can help you to better ensure your security efforts are contributing to your practical security. To find out more about the solutions that we can assist you with, reach out to our team by calling 800.618.9844 today.

Tweet
Tags:
Security Business Computing Cybersecurity
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Thursday, 30 October 2025

Captcha Image

Sign Up For Our Newsletter!

Blog Categories

Mobile? Grab this Article!

Qr Code

Tag Cloud

Security Technology Tip of the Week Best Practices Data Business Computing Business Productivity Software Innovation Cloud Hackers Network Security Hardware User Tips Efficiency Internet Malware IT Support Privacy Google Workplace Tips Computer Phishing Email Collaboration IT Services Hosted Solutions Users Workplace Strategy Ransomware Mobile Device Microsoft Small Business Backup Quick Tips Passwords Saving Money Communication Cybersecurity Data Backup Smartphone Productivity Managed Service Upgrade Android Business Management VoIP Smartphones Data Recovery Mobile Devices communications Windows Disaster Recovery AI Browser Social Media Managed IT Services Microsoft Office Current Events Network Tech Term Remote Internet of Things Automation Artificial Intelligence Facebook Information Covid-19 Miscellaneous Gadgets Cloud Computing Holiday Training Managed Service Provider Remote Work Server Outsourced IT IT Support Compliance Employee/Employer Relationship Encryption Spam Windows 10 Office Data Management Business Continuity Government Business Technology Windows 10 Bandwidth Virtualization Blockchain Wi-Fi Data Security Apps Vendor Two-factor Authentication Mobile Office Mobile Device Management Tip of the week Chrome Gmail Budget Apple Networking App Employer-Employee Relationship BYOD Managed Services Voice over Internet Protocol Office 365 Conferencing WiFi How To BDR HIPAA Computing Hacker Applications Information Technology Avoiding Downtime Marketing Access Control Help Desk Analytics Office Tips Augmented Reality Retail Storage Password Bring Your Own Device Managed IT Services Big Data 2FA Operating System Computers Router Virtual Private Network Healthcare Risk Management Website Health Free Resource Monitoring Project Management Windows 7 Firewall Document Management Microsoft 365 Solutions Telephone The Internet of Things Scam Data loss Social Cooperation Windows 11 Going Green Patch Management Save Money Remote Monitoring Vulnerability Excel End of Support Vendor Management Customer Service Cybercrime Physical Security Remote Workers Display Printer Paperless Office Infrastructure Data Privacy Smart Technology Word Images 101 Outlook Machine Learning Multi-Factor Authentication Money Saving Time Mobility Humor Managed IT Service Maintenance Safety Antivirus Sports Downloads Employees Mouse Integration Licensing Entertainment Administration Holidays Data Storage Telephone System Robot Customer Relationship Management Supply Chain Cost Management Settings Video Conferencing Managed Services Provider Printing Wireless Content Filtering Virtual Machines Professional Services Hacking IT Management Presentation VPN YouTube Meetings Cryptocurrency Wireless Technology User Tip Modem Computer Repair Mobile Security Processor iPhone Virtual Desktop LiFi Data storage Vulnerabilities Hard Drives Windows 8 Laptop Websites Mirgation Supply Chain Management FinTech Domains Drones Term Google Apps Nanotechnology Addiction Electronic Medical Records Language IT Assessment SharePoint IT Maintenance Flexibility Value Business Intelligence Refrigeration Management Halloween Chatbots Writing Distributed Denial of Service Organization Public Speaking Lenovo Shortcuts Screen Reader Ransmoware Service Level Agreement Virtual Reality Computing Infrastructure Digital Security Cameras Smart Devices Lithium-ion battery Remote Working Memory Vendors Hacks Server Management Entrepreneur Scary Stories Private Cloud Identity Fun Data Breach Superfish Bookmark Google Play Be Proactive Identity Theft Smart Tech Workforce Deep Learning Download Twitter Alerts Videos Electronic Health Records Wasting Time Threats Undo Error Social Engineering Break Fix Trend Micro Browsers Security Cameras Workplace Strategies Education Connectivity Meta Upload Remote Computing Software as a Service Managing Costs Amazon Mobile Computing Social Network Multi-Factor Security Search Dark Web eCommerce SSID Tablet IoT Virtual Assistant Outsource IT Application Best Practice Trends Alert Surveillance Virtual Machine Environment Managed IT Customer Resource management Media Buisness File Sharing Regulations Dark Data Google Calendar How To Microsoft Excel Reviews IBM Legal Data Analysis Medical IT IT solutions Star Wars Transportation Small Businesses Business Growth Gamification Notifications Staff Development Hypervisor Displays Travel Social Networking Legislation Cortana Shopping Optimization Techology Fileless Malware PowerPoint Google Maps Employer/Employee Relationships Outsourcing Alt Codes Content Wearable Technology PCI DSS Competition Health IT Navigation Downtime Unified Threat Management Motherboard Comparison Hosted Solution Assessment Permissions Gig Economy Unified Threat Management Directions Workplace Teamwork Hiring/Firing Typing Internet Service Provider Network Congestion Specifications Regulations Compliance Evernote Paperless User Internet Exlporer Knowledge Fraud Memes Google Drive User Error Microchip Co-managed IT SQL Server Technology Care Username Net Neutrality 5G Black Friday Financial Data History Business Communications Point of Sale Unified Communications Database Experience Smartwatch IT IP Address Google Docs Scams Azure Hybrid Work Bitcoin Network Management Running Cable Tech Support IT Technicians Procurement Monitors Cyber Monday Telework Cyber security Google Wallet Proxy Server Tech Human Resources Cookies Recovery Tactics Hotspot CES Communitications Cables

Blog Archive

2025
2024
2023
2022
2021
2020
2019
2018
2017
2016
2015