HiddenText Ltd

babelfish

Cybersecurity needs to communicate differently

/

, ,

Why Cyber Security is screwed …

We don’t communicate in the same way our audience wants to listen.

Before we start, this is NOT a hate on #Retvec or Google. Still, I am using the recent announcement of the RETVec tool by Google as an example of being typical of the #cybersecurity industry.

Google announces the launch of a new anti-spam security tool for GMail

Loads of great articles

>> https://arstechnica.com/gadgets/2023/12/gmails-ai-powered-spam-detection-is-its-biggest-security-upgrade-in-years/

On the surface, it looks like a fantastic thing with loads of great stats etc etc.

Reduces Spam By 38%

Sounds like something you want to use?

So you go to look up some more info. You go to Google and type in RETVec

>> https://www.google.com/search?q=RETVec&rlz=1C1GCEA_enGB1052GB1052&sourceid=chrome&ie=UTF-8

There is nothing unusual here, all very common, and very average behaviour. We immediately discount all the blogs as I’m looking for a Google page so that I know it isn’t going to be malicious … and you find this Google Security Blog:

>> https://security.googleblog.com/2023/11/improving-text-classification.html

Absolutely spot on – exactly the app I’m looking for, all good things about the tool and it has a link to install it – Here’s the next page you go to …

The RETVec page

>> https://github.com/google-research/retvec

And you stop … Y’see, for some of us, that’s fine … it’s a GitHub folder, crack on.

babelfish

However …

But go back to the start and imagine this is a 50 – 60-year-old person who is having spammer issues with their email account. Think like a consumer.

They use GMail, no? They get spam, don’t they? So Retvec sounds ideal?

  • They Google it
  • They remember to go to legitimate sites
  • They land on this weird GitHub thing.

You can use RETVec as the vectorization layer in any TensorFlow model with just a single line of code.

I mean, what the hell? Then there is this weird pip command, what the hell am I supposed to do with that? Where do I type that command? Is that even legitimate? Do I have TensorFlow? Where do I get that from?

Remember, you are a 50 – 60-year-old person with an inbox full of spam and you want some help … and you can’t even do the simple one-line command. You are left to feel dumb. I can’t even do the first line .. pip-thingy .. what’s the point

Who is to blame?

Next time you are sat at a security conference and a consumer uses the trope “Humans are the weakest link” … don’t think like a techie but as someone with a Spam problem in GMail, a consumer. Think like your parents or grandparents. And then think about

Is it developers that don’t speak human, or, is it cyber security because we make it hard to keep ourselves in a job?

We need to be much better at explaining ourselves,

  • who this is for,
  • what you need to do,
  • how this will affect the user
  • what should a consumer do,
  • what should a techie do

etc etc.

 

What do you think? Agree or disagree?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.