Are you a technology marketing leader, struggling to market your products to your prospects for maximum awareness, consideration, and conversion?
I’m John E. Bredehoft. For over 30 years, I’ve created strategy and tactics to market technical products for over 20 B2B/B2G companies and consulting clients.
This may mean nothing. On the one hand, Davidson had been with the company a long time, having joined Oracle in 1988 AFTER a career in the US Navy as a civil engineer. So perhaps she just retired.
Then again, Larry Ellison is 81 years old, so people don’t HAVE to retire.
And it appears that Davidson’s departure wasn’t announced in a press release, but was buried in a June filing.
The one word associated with Davidson is the word “unbreakable.”
“[D]uring a 2002 interview with Businessweek, she described the challenges of making sure the firm’s products lived up to a marketing campaign envisioned by Ellison that touted the company’s products as ‘unbreakable’….She explained at that time, saying, ‘‘Unbreakable’ gives us something to live up to,’ adding, ‘It really does concentrate the mind wonderfully. The general thought is don’t embarrass the company. Nobody wants to be the group that makes us violate it.'”
(And yes, the red glow in the unbreakable oracle in the picture is intentional. If you have ever attended a San Francisco Oracle OpenWorld with hundreds of red and white banners, you’ll understand…)
“The new Sophos logo nods to our history, but it’s reimagined with a shield that represents our defense against cyberattacks. Inside that shield lives the dual strength of Sophos: AI-native technology and world-class human expertise. Together, they create unmatched defense that adapts as fast as threats evolve.”
Oh, and the consultation:
“Our partners are core to our success, and their feedback on the rebrand has been energizing…”
My bet is that Sophos will not have to withdraw this logo, like another logo change that was recently reversed.
Have you ever used the phrase “sort of unique”? Something is either unique or it isn’t. And International Mobile Equipment Identity (IMEI) numbers fail the uniquness test.
Claims that International Mobile Equipment Identity (IMEI) numbers are unique
Here’s what a few companies say about the IMEI number on each mobile phone. Emphasis mine.
Thales: “The IMEI (International Mobile Equipment Identity) number is a unique 15-digit serial number for identifying a device; every mobile phone in the world has one.”
Verizon: “An IMEI stands for International Mobile Equipment Identity. Think of it as your phone’s fingerprint — it’s a 15-digit number unique to each device.”
Blue Goat Cyber: “In today’s interconnected world, where our smartphones have become an indispensable part of our lives, it is essential to understand the concept of IMEI – the International Mobile Equipment Identity. This unique identifier plays a crucial role in various aspects of our mobile devices, from security to tracking and repairs.”
These and other descriptions of the IMEI prominently use the word “unique.” Not “sort of unique,” but “unique.”
Which means (for non-person entities, just like persons) that if someone can find a SINGLE reliable instance of more than one mobile phone having the same IMEI number, then the claim of uniqueness falls apart completely.
Examples of non-uniqueness of IMEI numbers on mobile phones
“In theory, hackers can clone a phone using its IMEI, but this requires significant effort. They need physical access to the device or SIM card to extract data, typically using specialized tools.
“The cloning process involves copying the IMEI and other credentials necessary to create a functional duplicate of the phone. However, IMEI number security features in modern devices are designed to prevent unauthorized cloning.”
So don’t claim an IMEI is unique when there is evidence to the contrary. As I said in my April post:
“NOTHING provides 100.00000% security. Not even an IMEI number.”
What does this mean for your identity product?
If you offer an identity product, educate your prospects and avoid unsupportable claims. While a few prospects may be swayed by “100%” claims, the smarter ones will appreciate more supportable statements, such as “Our facial recognition algorithm demonstrated a 0.0022 false non-match rate in the mugshot:mugshot NIST FRTE 1:1 laboratory testing.”
When you are truthful in educating your prospects, they will (apologizes in advance for using this overused word) trust you and become more inclined to buy from you.
If you need help in creating content (blog posts, case studies, white papers, proposals, and many more), work with Bredemarket to create the customer-focused content you need. Book a free meeting with me.
On the long-standing debate on the mix between automation and manual operations, here’s what the Cyber Security Hub says:
100+ AI security startups claim they can replace Tier 1 and Tier 2 SOC analysts with 24/7 LLMs. They promise AI can triage, detect, and respond—no humans needed.
But here’s the reality:
AI tools hallucinate and miss context
Custom attacks slip by without human insight
Escalations stall when no one’s validating alerts…
…This isn’t about rejecting AI. It’s about using it wisely—and never cutting people out of the loop.
Check this article from cyberdaily.au regarding a reported third-party breach. This one is from Danish jewelry brand Pandora.
“The company said that impacted data includes names, birthdates and email addresses, but that financial information, government identifiers and passwords were not accessed by the threat actors.”
“While Pandora has not shared the name of the third-party platform, BleepingComputer has learned that the data was stolen from the company’s Salesforce database.”
Not that it’s necessarily Salesforce’s fault. Access could have been granted by a Pandora employee as part of a social engineering attack.
“A reported passkey vulnerability has been walked back, and FIDO is recommended as the fix to the vulnerability of “phishable” MFA wreaking havoc on corporate networks around the world.
“The PoisonSeed attack reported by security company Expel earlier this month does not give access to protected assets, if the FIDO Cross-Device Authentication flow is properly implemented.”
Proper implementation and configuration is essential.
The FIDO Alliance is one of the chief proponents of the “death of passwords” movement, and is working on delivering secure authentication. But even the most secure authentication method is not 100% secure. Nothing is.
Authentication is a complex undertaking, and the ability to authenticate on a new device is a special challenge. But the FIDO Alliance has addressed this:
“Cross device authentication allows a user to sign in with their device using a QR code.
“FIDO Cross-Device Authentication (CDA) allows a passkey from one device to be used to sign in on another device. For example, your phone can be linked to your laptop, allowing you to use a passkey from your phone to sign into a service on your laptop.
“CDA is powered by the FIDO Client-to-Authenticator Protocol (CTAP) using “hybrid” transport. CTAP is implemented by authenticators and client platforms, not Relying Parties.”
“After entering their username and password on the phishing site, the user was presented with a QR code….
“What happened behind the scenes is the phishing site automatically sent the stolen username and password to the legitimate login portal of the organization, along with a request to utilize the cross-device sign-in feature of FIDO keys. The login portal then displayed a QR code….
“In the case of this attack, the bad actors have entered the correct username and password and requested cross-device sign-in. The login portal displays a QR code, which the phishing site immediately captures and relays back to the user on the fake site. The user scans it with their MFA authenticator, the login portal and the MFA authenticator communicate, and the attackers are in.
“This process—while seemingly complicated—effectively neutralizes any protections that a FIDO key grants, and gives the attackers access to the compromised user’s account, including access to any applications, sensitive documents, and tools such access provides.”
Presumably the FIDO Alliance will address this soon.
Among the available downloads for the Institute for Defense and Government Advancement’s (IDGA’s) upcoming Border Technology Summit is one entitled “Tracking 2025 Changes to U.S. Border Security Policy.”
“In conjunction with a new administration in the White House, operations on U.S. borders have shifted drastically in 2025. Figures from Customs & Border Patrol (CBP) show apprehensions at U.S. borders are higher than they were at this time a year ago, and a recent travel ban has restricted entrance into the U.S. for citizens from 12 countries.
“In its first six months, the Trump administration has moved quickly to mitigate what the White House is calling an “invasion” taking place on the southern border. On Inauguration Day, January 20th, the new administration moved quickly to sign a handful of new policies directed towards American borders. This report will highlight how executive orders, CBP mission areas, and DoD actions on the southern border have established a new normal for American border security. The first section will look at the instructions explicitly laid out in the executive orders signed by President Trump.
“If you are interested in learning more about the future of border security, register for IDGA’s Border Technology Summit taking place September 23-24 in San Diego, California. The two-day summit provides a forum to explore the latest advancements in border security technology. This year, we are focusing on engaging our audience with high-level discussions surrounding advancements in biometrics, non-intrusive inspection, smart walls, current and future operations of border security, and much more.”
Bredemarket 