Better science is needed in InfoSec for the industry to build and retain credibility. It’s also our responsibility to help the board pick the bits out of consultant and vendor claims. Never more so than now, with social media spewing forth FUD pomoting headlines about cyber, IoT, BYOD, big data and Heartbleed-like threats.
This infographic, (click the image below for a PDF version), was designed for the pure science community, but is no less useful for InfoSec bodies. It can guide your efforts to validate threat and vulnerability killing sales pitches.
Or, as Beau Woods said, it has the makings of a good drinking game for Black Hat, DEF CON, InfoSec, RSAC…
For an industry specific perspective on the fallout from half truths, check out this excellent article “The Meaning of Hype” on Tripwire’s The State of Security blog.