What is \u2018security theater\u2019 and how can we move beyond it? | CyberScoop<\/title> <link rel=\"canonical\" href=\"https:\/\/cyberscoop.com\/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed\/\"> <meta property=\"og:locale\" content=\"en_US\"> <meta property=\"og:type\" content=\"article\"> <meta property=\"og:title\" content=\"What is \u2018security theater\u2019 and how can we move beyond it?\"> <meta property=\"og:description\" content=\"Too many companies are caught up in security theatrics, overlooking the real cause.\"> <meta property=\"og:url\" content=\"https:\/\/cyberscoop.com\/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed\/\"> <meta property=\"og:site_name\" content=\"CyberScoop\"> <meta property=\"article:published_time\" content=\"2025-01-10T14:23:34+00:00\"> <meta property=\"article:modified_time\" content=\"2025-01-10T14:23:36+00:00\"> <meta property=\"og:image\" content=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg\"> <meta property=\"og:image:width\" content=\"3300\"> <meta property=\"og:image:height\" content=\"2200\"> <meta property=\"og:image:type\" content=\"image\/jpeg\"> <meta name=\"author\" content=\"Greg Otto\"> <meta name=\"twitter:card\" content=\"summary_large_image\"> <meta name=\"twitter:creator\" content=\"@gregotto\">  <link rel=\"dns-prefetch\" href=\"\/\/securepubads.g.doubleclick.net\">\n<link rel=\"dns-prefetch\" href=\"\/\/use.typekit.net\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Feed\" href=\"https:\/\/cyberscoop.com\/feed\/\">\n<link rel=\"alternate\" type=\"application\/rss+xml\" title=\"CyberScoop \u00bb Comments Feed\" href=\"https:\/\/cyberscoop.com\/comments\/feed\/\"> <link rel=\"stylesheet\" id=\"all-css-2\" href=\"https:\/\/cyberscoop.com\/wp-includes\/css\/dist\/block-library\/style.min.css?m=1732206022g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-6\" href=\"https:\/\/cyberscoop.com\/wp-content\/mu-plugins\/search\/elasticpress\/dist\/css\/related-posts-block-styles.min.css?m=1736472020g\" type=\"text\/css\" media=\"all\"> <link rel=\"stylesheet\" id=\"all-css-8\" href=\"https:\/\/cyberscoop.com\/wp-content\/themes\/scoopnewsgroup\/dist\/css\/frontend.css?m=1732010462g\" type=\"text\/css\" media=\"all\">\n<link rel=\"stylesheet\" id=\"typekit-css\" href=\"https:\/\/use.typekit.net\/itk2qbh.css?ver=ddc036fa194c40cf406f\" media=\"all\"> <link rel=\"https:\/\/api.w.org\/\" href=\"https:\/\/cyberscoop.com\/wp-json\/\"><link rel=\"alternate\" title=\"JSON\" type=\"application\/json\" href=\"https:\/\/cyberscoop.com\/wp-json\/wp\/v2\/posts\/83097\"><link rel=\"EditURI\" type=\"application\/rsd+xml\" title=\"RSD\" href=\"https:\/\/cyberscoop.com\/xmlrpc.php?rsd\">\n<meta name=\"generator\" content=\"WordPress 6.7.1\">\n<link rel=\"shortlink\" href=\"https:\/\/cyberscoop.com\/?p=83097\">\n<link rel=\"alternate\" title=\"oEmbed (JSON)\" type=\"application\/json+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsecurity-theater-cybersecurity-tooling-ev-kontsevoy-op-ed%2F\">\n<link rel=\"alternate\" title=\"oEmbed (XML)\" type=\"text\/xml+oembed\" href=\"https:\/\/cyberscoop.com\/wp-json\/oembed\/1.0\/embed?url=https%3A%2F%2Fcyberscoop.com%2Fsecurity-theater-cybersecurity-tooling-ev-kontsevoy-op-ed%2F&format=xml\">   <link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=32\" sizes=\"32x32\">\n<link rel=\"icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=192\" sizes=\"192x192\">\n<link rel=\"apple-touch-icon\" href=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=180\">\n<meta name=\"msapplication-TileImage\" content=\"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/01\/cropped-cs_favicon-2.png?w=270\"> <\/head><body class=\"post-template-default single single-post postid-83097 single-format-standard\" id=\"readabilityBody\"> <a href=\"https:\/\/cyberscoop.com\/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed\/#main\" class=\"skip-to-content-link visually-hidden-focusable\">Skip to main content<\/a> <\/p>\n<div class=\"ad ad--top ad--top-desktop\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p> <main id=\"main\" role=\"main\" tabindex=\"-1\"> <\/p>\n<div class=\"ad ad--top ad--top-mobile\">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<section id=\"stickybar\" class=\"stickybar stickybar--event js-stickybar\">\n<div class=\"stickybar__details\" readability=\"5.12\">\n<div class=\"stickybar__info js-sticky-bar-content\" readability=\"32\">\n<p>Nominations can be submitted for the 2025 CyberScoop 50 awards!<\/p>\n<\/div>\n<p> <a class=\"stickybar__link button button-tertiary\" href=\"https:\/\/cyberscoop.com\/cyberscoop50\/\">Click here!<\/a> <\/div>\n<p> <button class=\"stickybar__close js-stickybar-close\" aria-controls=\"stickybar\"> <svg class=\"icon icon--close\" width=\"21\" height=\"22\" viewBox=\"0 0 21 22\" fill=\"none\"><path d=\"m.822.518-.805.805L9.695 11 .017 20.678l.805.805 9.678-9.678 9.677 9.678.806-.805L11.305 11l9.678-9.677-.806-.805-9.677 9.677L.822.518Z\" fill=\"currentColor\" \/><\/svg> <span class=\"visually-hidden\">Close<\/span> <\/button> <\/section>\n<article class=\"single-article content\">\n<div class=\"single-article__container js-single-article-content\">\n<header class=\"single-article__header \" readability=\"24.871508379888\">\n<div class=\"single-article__header-content\" readability=\"33.690962099125\">\n<ul class=\"single-article__eyebrow\">\n<li class=\"single-article__category\"> <a class=\"single-article__category-link\" href=\"https:\/\/cyberscoop.com\/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed\/\"> <span>Commentary<\/span> <\/a> <\/li>\n<\/ul>\n<p> Too many companies are caught up in security theatrics, overlooking the real cause. <\/p>\n<p>  <br \/>\n<audio id=\"audio-player\" src=\"https:\/\/wp-tts-cdn.api.scpnewsgrp.com\/cyberscoop\/83097\/english.openai.mp3\"><\/audio> <\/p>\n<div readability=\"11\">\n<div>\n<p>Listen to this article<\/p>\n<p>  <\/p>\n<p>0:00<\/p>\n<\/p><\/div>\n<p>  <\/p>\n<p> <span id=\"tts-tooltip\">Learn more.<\/span> <span> This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment. <\/span> <\/p>\n<\/div>\n<p>  <\/div>\n<div class=\"single-article__cover-wrap\">\n<figure class=\"single-article__cover\"> <img data-recalc-dims=\"1\" fetchpriority=\"high\" width=\"640\" height=\"426\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it.jpg?resize=640%2C426&ssl=1\" class=\"single-article__cover-image wp-post-image\" alt decoding=\"async\" fetchpriority=\"high\" srcset=\"https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg 3300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=300,200 300w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=768,512 768w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=1024,683 1024w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=1536,1024 1536w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=2048,1365 2048w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=600,400 600w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=252,168 252w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=506,337 506w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=1013,675 1013w, https:\/\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-2.jpg?resize=1265,843 1265w\" sizes=\"(max-width: 1013px) 100vw, 1013px\"><figcaption> (Getty Images) <\/figcaption><\/figure>\n<\/p><\/div>\n<\/header>\n<div class=\"single-article__content\">\n<div class=\"single-article__content-inner has-drop-cap\"> <html readability=\"66.288701393984\"><body readability=\"133.09041754281\"><\/p>\n<p>Conventional wisdom assumes that the more vulnerabilities a security tool flags, the easier it will be for a company to secure its infrastructure. In theory, layering more tools into a tech stack should equal more effective attack surface monitoring, right? Well, reality isn\u2019t quite panning out like that. <\/p>\n<p>If anything, tool sprawl has created an illusion of security, drowning security teams in the performative theatrics of squashing countless alerts \u2014 most of them false positives. Observability solutions are getting more innovative, flagging more and more threats, but when you can\u2019t tell which threat is more dangerous, any perceived security is just that: perceived. <\/p>\n<p>Think back to large-scale breaches in 2024: Ticketmaster, Snowflake, Transport of London, or National Public Data (2.9 billion people\u2019s personal information exposed). <a href=\"https:\/\/www.idtheftcenter.org\/publication\/itrc-h1-data-breach-analysis\/\">Data breach victims<\/a> surpassed 1 billion, a 409% increase from the year before. Notification spam hasn\u2019t materially reduced the impact of these attacks; in fact, most security practitioners call <a href=\"https:\/\/www.vectra.ai\/about\/news\/research-reveals-growing-distrust-for-threat-detection-tools-as-soc-teams-struggle-to-identify-real-attacks\">many alerts \u201cuseless<\/a>.\u201d So many alerts, and yet the attack surface still widened <a href=\"https:\/\/resource.redcanary.com\/rs\/003-YRU-314\/images\/SecurityOperationsTrendsReport_RedCanary.pdf?version=0&mkt_tok=MDAzLVlSVS0zMTQAAAGWwA7_TgUm2-GUKUePxdCpPUsjf7da5gr7qm8xrVYhfLdtcv9t_MpjodKV-GHHVTTyVavp4czQ2Y5iavQOB1V2cUYKkEuH3m8qQK4tGr3217V4Mg\">almost 80% in the past two years<\/a>. <\/p>\n<p>Another common fallacy is to believe that just because an organization made an investment into a cybersecurity solution, it can consider itself secure. But is it actually used by their employees? This is particularly common in engineering, when an access management solution procured by IT\/security is simply ignored by engineers due to real or perceived inconvenience and a belief that such measures will inhibit productivity. For example, only <a href=\"https:\/\/www.aramidesign.com\/wp-content\/uploads\/2019\/03\/NextPlane-Report-2-Final.pdf\">23% of IT professionals<\/a> said they have visibility into their team\u2019s tool usage.<\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Alert fatigue and shadow access are just two examples of \u201csecurity theater.\u201d The broader problem is that most organizations are being swept up in security theatrics instead of adopting meaningful security measures.<\/p>\n<p><strong>Treat the cause, not the symptom <\/strong><\/p>\n<p>When you see your doctor, you trust he will treat your illness, not just your symptoms. Otherwise, you\u2019d return to your doctor pretty quickly once the momentary relief passes. The security theater is like a doctor who only treats symptoms. It does little to solve the underlying cause of vulnerabilities. <\/p>\n<p>The \u201cnotification fatigue era\u201d is just a bad doctor, wasting inordinate time for security teams on actioning alerts. It\u2019s dire enough that <a href=\"https:\/\/x.coro.net\/l\/1012302\/2024-04-16\/368mc\/1012302\/1713293015qvwgaE0m\/Coro__SME_Security_Workload_Impact_Report.pdf\">73% of security professionals failed to act<\/a> on high-priority security alerts due to time constraints. Given these time constraints, which alerts do you prioritize? With thousands of alerts, the \u201cone true threat\u201d to your company\u2019s defenses is basically a needle in the haystack.<\/p>\n<p>No matter how good the observability tools become at spotting malware, observability for the sake of observability will never be a winning strategy. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>Even more dangerous are shadow access paths that become unmonitored backdoors into critical systems. These paths arise when employees, particularly engineers, bypass official access management tools in favor of home-grown solutions like personal proxies, jump hosts, or bastion servers. These alternatives are typically implemented for convenience or to avoid perceived productivity blockers but lack the stringent controls, monitoring, and updates that IT-sanctioned systems provide. These paths often go unnoticed until a breach happens \u2014 at which point it is too late to remediate the issue. <\/p>\n<p>That\u2019s why we need to shift security teams\u2019 attention toward the threat vectors causing the most hurt. <\/p>\n<p><strong>Target human error for security that\u2019s not just performative<\/strong><\/p>\n<p>It starts with reducing the attack surface, and to do that, security teams have to target human error, which to this day is still the leading cause of cyberattacks, <a href=\"https:\/\/www.verizon.com\/business\/resources\/reports\/dbir\/?ref=hackernoon.com\">appearing in most breaches<\/a>. <\/p>\n<p>For perspective, of the 600 million identity attacks Microsoft logged in fiscal year 2024, <a href=\"https:\/\/www.microsoft.com\/en-us\/security\/security-insider\/intelligence-reports\/microsoft-digital-defense-report-2024\">99% were password attacks<\/a>. That\u2019s a scary image of how effective phishing campaigns now are at extracting credentials \u2014 and not just passwords, but browser cookies, API keys, and more. Why does this keep working? It\u2019s because attackers know it\u2019s a lot cheaper and easier to trick a human than it is to launch a complex malware attack that exploits a software vulnerability. Add generative AI-powered social engineering to the mix and those attacks might just become even more frequent, and easier, too. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p>If security teams want to make a difference, they can\u2019t play \u201cspot the software vulnerability.\u201d Software vulnerabilities still only represent a fraction of breaches. As for social engineering attacks, security teams don\u2019t need to meticulously monitor for alerts related to suspicious human behavior patterns. It would be smarter to make infrastructure immune to human error altogether. There are ways to do this, like basing all employee identities on real-world attributes, like the user\u2019s biometrics, the device\u2019s hardware identity, and a PIN code (just look at the iPhone \u2014 when was the last time you heard of one being hacked?). <\/p>\n<p>The most lethal security problems are often the most easily avoided. This should be obvious after a former Disney employee tampered with allergen information on a restaurant menu, all because they weren\u2019t offboarded. It should be obvious after repeat breaches of the Internet Archive, all because access tokens weren\u2019t rotated. No one should have persistent network access through standing privileges. The default access model should only ever be based around granting entry to users who meet the right conditions. What\u2019s the user\u2019s role? Where are they located? Which resources are they trying to access, and at what time? This way, even if an identity does get compromised, the harm is limited \u2014 because its access to resources was limited to begin with. <\/p>\n<p><strong>Moving beyond performative security <\/strong><\/p>\n<p>It\u2019s time to leave behind the theatrics. We already hear enough about burnout levels in cybersecurity. An overwhelming number of alerts flagged by complex security solutions without context won\u2019t change that. <\/p>\n<p>Eliminating static credentials and standing privileges is ultimately about more than just securing infrastructure. The amount by which these measures would cut the scale and duration of threats could also see engineering teams drastically cutting down on stress levels. So, the next time you\u2019re looking at a \u201cnotifications\u201d number in the thousands or above, just remember: that number is never as important as you think. <\/p>\n<div class=\"ad ad--inline_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<p><em>Ev Kontsevoy is the CEO of Teleport, an identity & access management software company.<\/em><\/p>\n<p><\/body> <\/p>\n<footer class=\"single-article__footer\" readability=\"1.6153846153846\">\n<div class=\"author-card\" readability=\"9\">\n<div class=\"author-card__avatar\">\n<figure class=\"author-card__image-wrap\"> <img data-recalc-dims=\"1\" decoding=\"async\" class=\"author-card__image\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2025\/01\/what-is-security-theater-and-how-can-we-move-beyond-it-1.jpg?w=640&ssl=1\" alt=\"Ev Kontsevoy\"> <\/figure>\n<\/p><\/div>\n<p><h4 class=\"author-card__name\">Written by Ev Kontsevoy<\/h4>\n<p> Ev Kontsevoy is the CEO of Teleport, an identity & access management software company. <\/p>\n<\/p><\/div>\n<div class=\"single-article__tags-container\">\n<h4 class=\"single-article__tags-title\">In This Story<\/h4>\n<\/p><\/div>\n<\/footer>\n<p> <\/html><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"single-article__ads js-single-article-sidebar\">\n<div class=\"ad ad--sidebar js-single-article-sidebar-5 ad--rightrail_1 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-4 ad--rightrail_2 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div class=\"ad ad--sidebar js-single-article-sidebar-3 ad--rightrail_3 \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div><\/div>\n<\/article>\n<div class=\"popular-stories popular-stories--single-post\">\n<div class=\"popular-stories__container\">\n<h2 class=\"popular-stories__title\"> More Scoops <\/h2>\n<p>  <\/div>\n<p>\n<\/div>\n<p> <\/p>\n<section class=\"latest-podcasts\">\n<h2 class=\"latest-podcasts__title\"> Latest Podcasts\t<\/h2>\n<\/section>\n<div class=\"top-categories\">\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Government<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Technology<\/h3>\n<\/p><\/div>\n<div class=\"top-categories__container\">\n<h3 class=\"top-categories__category-title\">Geopolitics<\/h3>\n<\/p><\/div>\n<\/p><\/div>\n<p> <\/main> <\/p>\n<div class=\"ad ad--bottom \">\n<div class=\"ad__inner\"> <span class=\"screen-reader-text\">Advertisement<\/span> <\/div>\n<\/div>\n<div id=\"interstitial\" class=\"welcome__container\"> <button id=\"close-modal-1\" class=\"welcome__clickable_area\"><\/button> <\/p>\n<div class=\"welcome__ad_wrapper\">\n<p> <button id=\"close-modal-3\" class=\"welcome__continue-button\">Continue to CyberScoop<\/button> <\/p>\n<\/p><\/div>\n<\/p><\/div>\n<p>   <\/body> <a href=\"https:\/\/cyberscoop.com\/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is \u2018security theater\u2019 and how can we move beyond<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[3448,280,3449],"tags":[3450,284,3451],"class_list":["post-6872","post","type-post","status-publish","format-standard","hentry","category-attack-surface","category-commentary","category-security-theater","tag-attack-surface","tag-commentary","tag-security-theater"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"display_name":"Cyber Scoop","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/cyberscoop\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/attack-surface\/\" rel=\"category tag\">attack surface<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/commentary\/\" rel=\"category tag\">Commentary<\/a> <a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/security-theater\/\" rel=\"category tag\">security theater<\/a>","tag_info":"security theater","comment_count":"0","jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6872","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6872"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6872\/revisions"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6872"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6872"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6872"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}

{"id":6872,"date":"2025-01-10T08:23:34","date_gmt":"2025-01-10T14:23:34","guid":{"rendered":"https:\/\/cyberscoop.com\/?p=83097"},"modified":"2025-01-10T08:23:34","modified_gmt":"2025-01-10T14:23:34","slug":"what-is-security-theater-and-how-can-we-move-beyond-it","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2025\/01\/10\/what-is-security-theater-and-how-can-we-move-beyond-it\/","title":{"rendered":"What is \u2018security theater\u2019 and how can we move beyond it?"},"content":{"rendered":"