A whistle blower at Tiversa is alleging that the company manufactured false evidence of breaches to gin up business:
A bombshell lawsuit is raising eyebrows in the cybersecurity industry.
A former cybersecurity forensic examiner named Richard Wallace is claiming that his former employer — cybersecurity company Tiversa — “would typically make up fake data breaches to scare potential clients,” CNNMoney reports.
Wallace claims that Tiversa would routinely do this then “pressure firms to pay up” by buying its cybersecurity services, according to a federal courtroom transcript obtained by CNNMoney. This came to a head when Tiversa allegedly approached cancer testing services company LabMD about a supposed hack. LabMD refused to buy into Tiversa’s services, so Tiversa allegedly reported the cancer-testing company to the FTC for having a data breach.
………
This lawsuit raises some potentially worrisome issues about practices in the cybersecurity industry.
Gee you think?
It’s the f%$#ing Wild West out there, with no standards of what constitutes a breach, and no meaningful certification of the security firms.
People have been selling cyber Armageddon, with only one concrete example of their horror stories panning out (Stuxnet which was created by the US and Israeli government), why is it a surprise when we discover that people are selling “breaches” that are either non existent or minor.
I guess being a cybersecurity consultant beats working for a living.