Much of the massive investment in cyber security innovation today is in undifferentiated offerings delivering marginally better efficacy. Not a big surprise here - this is classic behavior in "gold rush" environments that often end in bubbles with the inevitable investor/entrepreneur disappointment.
At the same time, we are entering what may well be the golden age of cyber security where innovation transitions from remediation (the Wack-a-Mole approach to cyber vulnerabilities) to a more systemic and holistic approach to "secure by design" and environments where cyber risk is proactively managed at a system level - requiring real time identification, measuring, monitoring, and management. T
Is cyber security over-invested? Yes and No. Too much money has gone into largely "me-too" solutions (Threat Intelligence comes to mind) and far too little has flowed into technologies that fundamentally change the relationship between cyber attacker and defender. The Challenge - the second category is a lot harder than the first and will require true domain expertise and innovation....
/Passle/5c752afb989b6e0f5cda12f4/SearchServiceImages/2024-03-12-21-47-58-724-65f0cd8e2771ce417b348990.jpg)
/Passle/5c752afb989b6e0f5cda12f4/SearchServiceImages/2024-02-21-22-34-05-861-65d67a5d0b3a03290177e1c0.jpg)