Cyberist Rant: Cybersecurity Expert Scam
“You want the truth? You can’t handle the truth!”
That line is pure cinematic gold — but it’s also the perfect metaphor for what’s happening in the cybersecurity industry today.
While everyone’s patting themselves on the back for Cybersecurity Awareness Month, the dirty secret is this: the cybersecurity industry is completely unregulated.
Anyone can call themselves an “expert.” And they do.
Dirty Secret Nobody Talks About
After graduating high school as Valedictorian, all my friends headed to Oklahoma State to drink beer and have fun. Me? I decided to get an education. I went to the Collins College of Business to earn one of the nation’s first Management Information Systems degrees — a combination of technology and business.
Now they’ve changed the name to “Cybersecurity,” which sounds cooler but misses the point entirely. That degree taught strategy, finance, and operations — not just how to reset passwords or configure firewalls.
So, when I invented the term Cyberist® in 2001, it wasn’t to sound edgy. It was to give a name to professionals who combine technology and business — and I even trademarked it to stop being called “Guru Geek” or “Super Nerd.”
A Cyberist isn’t just someone in cybersecurity. It’s an IT professional licensed to use the title, trained in the proprietary Delta Method to avoid loss and improve business results.
“Experts” You Shouldn’t Trust
In cybersecurity, “expert” has become the most overused word in tech.
I once served as an expert in a court case. Opposing counsel brought in their own so-called “expert.” Picture this: the guy looked like he should be demoing tools on an episode of Tool Time — only with a ZZ Top beard he probably thought made him look like a professor.
He had never heard of me or the 50-year-old company I bought. Then he went on to tell the same tired story about the evolution from break-fix to managed service providers, as if he’d just discovered electricity.
He bragged about rolling out some “solution” across Asia, even though his LinkedIn showed he’d been a salesman for a small hardware vendor (which conveniently disappeared after that case) and had just earned a CompTIA auditor certificate.
Meanwhile, he was being grilled on spoliation — because he couldn’t produce any logs, images, or methods to back up his so-called “forensic report.”
Opposing counsel asked,
“You haven’t heard of Kevin Fream?”
Of course not. He’s got no best-selling books, no trademarks, no patents, and I haven’t seen him at Harvard, Nasdaq, Microsoft, or MIT — or the many other places I’ve spoken.
But that’s the truth no one wants to face: the cybersecurity industry is full of charlatans.
Slapping an “S” on Everything
And the best part? In tech, every player thinks they can earn credibility by slapping an “S” for Security onto their company, product, or service.
Now we’ve got “Managed Service Providers in Security,” “Cybersecurity Suites,” “Security Appliances,” and “AI Security Assistants.”
It’s marketing theater. Nothing more.
There are over 200 franchise networks out there pretending to be “national cybersecurity firms.” In reality, they’re just loosely affiliated local tech shops sharing a logo, not strategy, staff, or standards.
If that’s “security,” then I’m Santa Claus.
So How Do You Know Who to Trust?
Simple.
1️⃣ Check for Vetted IT Support®. If a company doesn’t publicly post the 5 vetting criteria — company type with board of directors, patents/trademarks, industry certifications, best-selling books and third-party Risk Exams — walk away.
2️⃣ Look for proof, not puffery. Do they have published articles, ebooks, books, and videos showing their expertise? Or just vague buzzwords and borrowed graphics?
3️⃣ Choose the guide who fits your industry. If you’re in financial or professional services, you need someone who actually understands your compliance — like NIST, HIPAA, and Microsoft 365 security controls.
That’s where my mission comes in:
I’m helping one billion people to streamline your technology to avoid loss and improve your life — not superstition and slogans.
You Can Handle the Truth
In A Few Good Men, Colonel Jessup’s line lands because it exposes hypocrisy. It’s not comfortable. But it’s real.
The truth is this: Cybersecurity isn’t magic. It’s not a product. It’s discipline, process, and doing the right thing when no one’s watching.
So before you trust someone with your data — or your business — ask if they’ve earned it.
Because when it comes to protecting your future, you deserve the truth.
And remember —
Don’t be Easy Prey.
