Ok, lets say that the IT Security industry isn't one big joke! What then? Well i guess the big question there is "If it isn't one big joke, why is it that no one is secure?". As ever, the answer is "there is no such thing as secure". In fact you'd have to be stupid to suggest it.
Why would a multi billion dollar industry that offers products and services to "secure" digital assets, ever supply such a thing as products and services that "secure" digital assets?
Do you see where we're going here? Say i was a retailer of left handed golf clubs. Would i be offering to sell you left handed golf clubs or would i be offering to sell you right handed golf clubs? When you purchased a set of left handed golf clubs from me, would you expect me to deliver to you a right handed set of clubs - or a left handed set of golf clubs? Or would you expect me to deliver you a box of fresh fish instead?
Ok, so the next firewall of arguments is. "Well it can't be secure because, most of the time it is user error that causes the problem". "Or, well it wasn't our advice or our product where the breach occured it was some other back door or discreprency". "See, read this, our device only works in these instances, not these ones and these ones".
Our answer again is, "so you sold me a mobile phone, but you didn't tell me when i bought it that it wouldn't work the same way in the downstairs room as the upstairs room". If i purchased a car that only worked in a certain places on the road - why i'd take it back and demand a refund.
Why is it that the IT Security industry and the IT industry in general expects the consumer to pick up the tab for flakey products? Why is it that the industry that offers IT security does not in fact deliver IT security?
Could it be that it is all one big fishy joke!