Overrated/Underrated with Raj Samani

We’re back with another posting asking InfoSec experts to share their opinion on whether an item is overrated or underrated by the society/profession, relative to how s/he believes it should be rated. This time we’re talking about controversial topics like Machine Learning and Ransomware; and who better to ask than one of the brains behind the No more Ransomware Project and all-around cyber security good guy Raj Samani. Here are Raj’s views on today’s topics –


Underrated. Yeah i understand it’s the most talked about threat vector but lets be blunt, it is not what it was in the past. Think about recent innovations from the teams spreading Maze, or Revil. They are improving and becoming more destructive forcing larger payouts, and ultimately greater loss.

Machine Learning

Overrated. Don’t get me wrong, very key technology and the building block for our next generation of defence. However, it is NOT a commodity and simply having it on the booth at a conference does not make it the silver bullet. Not all ML models are created equally, make sure you drill down beyond the hype. 

UK CyberEssentials

Underrated. Simply imperative. Doing the foundations is critical and Cyber Essentials goes a long way toward achieving these fundamentals.

Well, there you have it. This is certainly something to think about; where do you go from here if the man who really knows Ransomware cyber crime believes it is still an underrated topic? Scary stuff. Also, if you didn’t yet look into getting your organization aligned with CyberEssentials , maybe Raj’s comment on the topic gets you thinking?

As always, share your comments below or write your own post. The important bit is that we, as a profession, keep an open mind and continue with constructive discourse. If you want to hear more from Raj, you can find him on Twitter and over at McAfee’s blog of course.

This blog post originally appeared onĀ LinkedIn