A higher standard for security pros?

Posted by in Analysis on Jan 20, 2009

So, today I came across a small reference (via HackInTheBox) about how one of the UK’s premier forensics experts committed perjury by claiming to have a degree that he didn’t, in point of fact, have.

It barely made a blip in the press – after all, it wasn’t a huge sentence (he got a suspended sentence and a small fine), his colleagues say that there was no doubt as to his expertise, and that he didn’t put any convictions in jeopardy.

Now, I’m not going to be the first in line to pile all over him and say that he was wrong or “a monster” or evil or whatever… Human nature is what it is, and people lie from time to time. So he didn’t have a degree? So what… On the punishment side, the court did a pretty good job with the sentencing. A small sentence, but one that makes it very unlikely that he’ll be an expert witness again, thereby preventing recurrence. So it goes.

But what interests me about this is the long-term effect that misdeeds on the part of security folks have. Take, for example, the recent Pay By Touch debacle (you know, where the CEO was playing fast and loose by running biometric payments into the ground). I liked Pay By Touch – sort of. I thought it was a good idea, but I figured it was going to flop – although I figured it was doomed because of the sales numbers they had on their site (which were clearly bogus) as opposed to the whole fraud/drug use/sex parties thing.

Anyway, the point is this – after Pay By Touch, how likely is it that supermarkets – or the populace as a whole for that matter – will trust biometrics nowadays? Sure, maybe they’ll trust the biometric technology – but there could be some lingering suspicion for the companies. Will that bad will extend to other security companies and products? Maybe so. Will practicing forensics in the UK be harder now that it turns out the “founder” of the discipline in that region was lying to the court? I would tend to think so…

So, I guess I’ll stop ranting now… I just find it irritating when the actions of an individual make everyone else feel the pain. Maybe at some point we’ll all wake up and start enforcing competency (and ethics) for the discipline the same way they do with medical practitioners. Or maybe not…

Search
TwitterRssFacebook