Leader: Why slagging off the press ignores the real issue

Over the years the security industry has been the area of the IT world which has most aggressively courted the attention of the press.

But in the past week some comments out of that self-same industry have jarred with that notion. The crux of the issue appears to be concerns over what is seen as a dumbing-down of important information.

The always outspoken David Perry, from Trend Micro, was among the most critical and berated the press for a tendency to turn "five pages of technical explanation" into a one-paragraph "sound-bite".

This may be because journalists "only have room in their mind for one idea" at a time, according to Perry.

It's difficult to approach a subject such as this without sounding as though we've taken it personally; we most certainly haven't.

The accusation is levelled more at the mainstream press but regardless of whether we're implicated, we can still see why it is counterproductive because there are issues here which are far more important than the egos of the press or even those of the security industry.

Attendees at last week's Virus Bulletin conference agreed that bot-nets are among the biggest threats to global IT infrastructure and businesses at present - and the war on these networks of compromised machines has to be won in suburbia by cleaning up commonly infected home PCs. But this is a place where the technical details of malicious code will be wasted.

Therefore if the mainstream press takes five pages of tech jargon and turns it into 'There's some bad stuff out there and you really need to talk to an expert because your computer is probably in the hands of the Russian mafia' then that is arguably no bad thing. It may be insultingly simplistic to the highly technical but then it's hopefully not their machines which are infected and such frankness may start resolving a serious issue.

There is also a business issue here which the security industry would be wise to embrace rather than reject.

IT security is increasingly becoming a board-level issue. The companies who've spotted this have learned the need to speak the language of business and not just IT, because two years from now they will be selling to people with a business background, not a technical one, whether they like it or not.

The security vendors must accept that some of the time the media is doing this translation task for them. It's not a failing on either side but rather it's a relationship which needs to be worked on. Taking five pages of detail and turning it into a couple of paragraphs is sometimes essential.

The cleverest thing the security industry can do now is try to stop being so clever.