Without a doubt, the hottest topic at San Francisco's RSA conference this year was the advanced persistent threat (APT).
Vendors, presenters and attendees alike fretted over the dangers posed by targeted attacks and the risks associated with a successful APT presentation. Be it state-sponsored attacks by nation states or acts of industrial espionage, firms seem to be petrified with the idea that their greatest threat is a custom-built attack intent on infiltrating their network.
But is it really? Are APT's the single biggest threat facing the enterprise IT space right now, or are we making a mountain out of a (relative) mole hill?
At least one security expert believes that the hype over APTs is hurting the security landscape as a whole. While at the conference, Sophos senior security advisor Chester Wisniewski brought up an interesting argument which suggests that the community as a whole may be missing the big picture when it comes to threats.
In an interview with V3, the Sophos researcher called the APT frenzy a "distraction" from the larger threat of financially-motivated crimeware.
"If nation states are fighting, that is a problem that the Pentagon needs to deal with," Wisniewski said.
"Why should my mum, or for that matter the average business, be concerned about that?"
The basis of Wisniewski's argument is that the APT field is in its entire history comprised of a few thousand attacks on specific companies, while millions of different malware families are currently floating around in the wild seeking to exploit vulnerabilities and extort users out money through ransomware, fake security tools and outright account theft.
As Wisniewski puts it, companies are being subjected to a "death by a million cuts" from the common malware while losing sleep at night over worries of a sophisticated APT intrusion.
The attack raised an interesting question. Has the press, in its thirst for an interesting story and juicy lead, built the APT into a bigger issue than it really is?
Certainly reporters love a juicy lead, and international espionage always fits into that category. But in doing so has the focus been shifted away from real threats?
Geoengineering on the sea floor near glaciers would form a new ice shelf to prevent melting
Alterations in capillary blood flow can be caused by body position change
Curiosity rover is in 'normal mode' but not transmitting scientific data back to base
NatWest outage comes a day after Barclays' IT systems shut out customers and staff