twitter facebook rss

Security Certificate #FAIL: No FT, No Comment

Posted by on July 25, 2014.

I received email from the Financial Times (no, really) offering me a place at its Cyber Security Conference in September.

Well, while I’ve had some connection with the security industry for over 25 years, I’m not arrogant enough to believe that I have nothing left to learn.

So I’ll resist the temptation to make sarcastic remarks about the fact that three of the expert speakers they want me to hear are from the banking industry. Years of close analysis of the phishing threat has convinced me that some elements in the banking industry need to accept responsibility for the continuing effectiveness of that threat, since some banks have a horrible habit of bad practice in marketing and other emails that help sophisticated phishing attacks look more convincing to a naïve customer than they should. Nevertheless, there are actually some very, very capable people in banking security. Too bad they don’t generally influence the kind of banker who makes the financial decisions that have contributed to the present state of the global economy.

Nor will I wax satirical about the fact that they’re offering ‘insight and analysis’ from three FT journalists. While my almost daily contact with the media doesn’t suggest that understanding of cybersecurity is particularly high among journalists, there are certainly exceptions (Brian Krebs, John Leyden, and our own Kevin Townsend spring to mind), and I imagine that FT writers are expected to be capable of rational commentary on an issue that impacts every business.

And I can’t expect the FT’s marketing department to know that devising security strategy, cooperation between the public and private sectors, and analysis of present and future cyber threats were all part of my job description long before the media discovered that cyber security wasn’t just a matter of installing antivirus.

Still, for an eye-watering £1,299+VAT, I figured I could probably give it a miss, and in fact didn’t seem much point in receiving more mail from the FT. I’m still young enough to step out and buy a paper, if I really want to. So I clicked on the unsubscribe button and got this browser screen advising me not to proceed to the site because of a security certificate issue.

no ft no comment copy

Further comment is probably superfluous. But maybe the FT could consider directing some of that security expertise towards some of its web pages. To be fair, the pages relating to the conference itself didn’t demonstrate the same problem. But even an Unsubscribe link deserves some attention. A message like that doesn’t inspire confidence.

David Harley

Leave a Reply

Your email address will not be published. Required fields are marked *

Submitted in: David Harley, Expert Views, Security | Tags: , , , , , ,