FireEye is a huge security company with high profile clients like Sony Pictures. But the company’s success hasn’t stopped it from doing dumb things to grab attention. For instance, sending out a sales pitch that likens the deady Hurricane Matthew with a cyber attack is a dumb thing to do.
Security analyst Jerry Gamblin recently received the aforementioned sales pitch from FireEye. It compared Hurricane Matthew—which has claimed more than 1,000 lives in the Caribbean and US—to cyber security. The text from the email is pretty awful:
I hope you are staying dry out there. After watching hours of Weather Channel updates on the storm, I couldn’t help but notice the similarities between Hurricane Matthew and a cyber-attack.
- Although many took the necessary precautions, Hurricane Matthew altered and caused terrible damage.
- You can’t truly predict where the storm will hit.
- Without the correct tools, you will be left stranded needing outside help
- Many people were well protected from the wind and the rain, but the flood caused the most damage.
- t is just a matter of time before the next one happens again.
I like the parallelism and hope you can see how it would translate to the cyber security world. At FireEye, we combine the best of both human and machine intelligence to create industry leading threat intel that you can use throughout your organization. We provide the tools necessary to protect you regardless of the type and nature of the “storm” that comes. We will work with you to customize the perfect plan for your organization with your near and long term objectives for your organization and make sure you are not protected against one type of threat.
Gamblin clearly did the right thing by taking a screenshot of the email and publicly shaming FireEye in a tweet. The email drummed up criticism from the security community almost immediately. FireEye has not responded to Gamblin’s tweet.
We’ve also reached out to FireEye for comment and will update this post when we hear back.
Update 10/12/16: FireEye responded to the incident with an official statement:
“The email was sent out by an individual employee to a small group of recipients and was not part of any FireEye marketing campaign. Unfortunately it did not rise to the standards ofFireEye and we apologize for the insensitivity. As soon as we were made aware of the email we responded immediately to address the situation with the employee, and have taken additional steps to ensure this doesn’t happen again.”