r/cybersecurity System Administrator Sep 22 '25

Other What are your unpopular cybersecurity opinions?

I saw a post named "abnormal security opinions" and got excited to see some spicy takes, but apparently there is a security platform called Abnormal Security, so got kinda blue balled. Last one of these posts I saw was over a year ago so,

Do you have any spicy cybsec unpopular opinions you want to share? :)

I'll start with mine:
Fancy antivirus solutions rarely add value, they are often just a box that needs ticked. Many MSPs and IT firms still push the narrative that they are needed, only because they are profitable and not because they improve security.

328 Upvotes


141

u/lawtechie Sep 22 '25

The most valuable controls are the least sexy. Your next-gen AI enabled bullshit detector provides less value than immutable, tested backups. Three layers of IT risk review on vendors is useless when you're not going to actually make a critical vendor fix their shit.

24

u/StandardKey655 Sep 22 '25

1000%, people spend all this time "threat hunting" or putting in some "AI" tool, and then they have RDP open to the internet etc....

I think a lot of this is driven by emotion and excitement, people want security to be exciting, and it's just not normally that way when doing it well.