7 Signs of Infosec's Groundhog Day Syndrome
Irritations that plague security pros day in and day out.
February 2, 2016
![](https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt847c9a75d6d731c9/64f0db85bfd287ce18609718/For-CARO_Groundhog-Day-4.jpg?width=700&auto=webp&quality=80&disable=upscale)
Sometimes working in information security can make people feel a little bit like Sisyphus. Or, at least like Bill Murray in the movie "Groundhog Day."
You wake up and the same types of weaknesses in your people and technology are being attacked by the same criminals day in and day out. Meanwhile, many security leaders keep having the same conversations with their bosses and colleagues without moving the needle forward with meaningful protections.
Sure the threats may be constantly changing, but in the end the same storylines play themselves out over and over again. We talked to experts across the industry about the phenomenon and got their opinions on the most common irritating things that just won't go away in cybersecurity. The lesson of their observation? Security leaders need to keep in mind that the definition of insanity is doing the same thing and expecting different results.
Probably the most universal Groundhog's Day experience for anyone in security is the horror of watching phishing attacks victimize their users and systems time and time again.
"No matter how much we train, advance spam filter technology, or how badly the email is crafted, someone falls for it," says Morey Haber, vice president of technology for BeyondTrust. "They click on a link, open an attachment, or think that their system is immune to the attack. Phishing attacks repeat themselves over and over again in business and one of the most popular ways to infiltrate and organization."
Sometimes working in information security can make people feel a little bit like Sisyphus. Or, at least like Bill Murray in the movie "Groundhog Day."
You wake up and the same types of weaknesses in your people and technology are being attacked by the same criminals day in and day out. Meanwhile, many security leaders keep having the same conversations with their bosses and colleagues without moving the needle forward with meaningful protections.
Sure the threats may be constantly changing, but in the end the same storylines play themselves out over and over again. We talked to experts across the industry about the phenomenon and got their opinions on the most common irritating things that just won't go away in cybersecurity. The lesson of their observation? Security leaders need to keep in mind that the definition of insanity is doing the same thing and expecting different results.
About the Author(s)
You May Also Like
CISO Perspectives: How to make AI an Accelerator, Not a Blocker
August 20, 2024Securing Your Cloud Assets
August 27, 2024