Can You Trust Security Vendor Surveys?


It's Often Difficult for Readers to Distinguish Between Hyperbole and Genuinely Shocking Survey Statistics


Surveys in the information security industry are popular. They tell us what our peers are doing in similar circumstances, and they can highlight common pitfalls we may have missed. Surveys are different to the reports that analyze known data from known sources, such as the prevalence of a specific malware as shown by a vendor’s own telemetry. In this article, we are defining surveys as an analysis of people-provided information, not data-provided facts.


But we need to be circumspect. Surveys are, at base, marketing tools; and marketing’s purpose is to sell product or brand. Marketing that sells product is a hard sell. Marketing that sells brand is a soft sell. Nevertheless, it is always marketing, and we need to be aware of that.


Survey difficulties


There are two basic categories of survey: vendor surveys (directly produced by a vendor), and market research surveys (produced by professional third-party market research firms). While the latter should be more objective, there is no clean distinction between the two. It is possible for some vendor surveys to be objective – Verizon’s Data Breach Investigations Report (DBIR) is an example – and it is possible for some third-party commissioned reports to be subjective.


Regardless of who designs and produces a survey, the basic difficulties and problems are the same. Here we are concentrating on vendor-generated surveys.


The marketing motive


Marketing is like any other business function – it must provide a return on investment. For this, the first requirement is that it must be read by as many people as possible. This is best achieved through the media, which means that a marketing tool must first be ..
