Not replying to anyone in particular. Just because you personally haven't been victimized,
(1) you don't know if there is malware buried in your system that you haven't detected.
(2) you may be lucky.
(3) the security software that came installed with your system (Microsoft Defender) has been effective in blocking threats.
(4) all the websites you have visited have successfully ptoected themselves by hackers and cybercriminals.
(5) you never connect to the Internet.
- Consider all the news articles about individuals, businesses, and governments getting targeted by "ransomware" and being forced to pay money to supposedly get all their data decrypted.
- Consider all the news articles about people whose credit card information is stolen in attacks on stores. (That has happened to me twice now.)
- Consider all the news articles about hackers trying to disrupt the entire networks of government, utilities, and even individuals.
- Consider all the news articles about state hackers from Russia, Iran, China, North Korea, etc.
I agree that effective information security is a drag on productivity. It's no different than paying for fire or theft insurance. It provides no direct economic benefit.
In the interests of full disclosure, for over ten years, I worked in software product management for various system and computer security companies, focusing on businesses and governments. You may still remember Sun Microsystems. At Sun one of our business partners was Check Point Software. My various security company ex-employers, you probably never heard of. I can't tell you how many times a company would contact us to say that they had been hacked, and
now they realized that they needed protection against being hacked again. I have also been asked by friends to recommend security software for their personal computers.
I can understand the resentment that many people feel towards some security software vendors, and by the way
I agree with that feeling. Too many vendors rely on FUD (fear, uncertainty, and doubt) as a crutch because they fail to articulate a clear benefit for their products. Quite possibly their products don't offer any real value. Or else the vendors rely on cliches and generalizations as a sales and marketing strategy. Many sales people don't know how to really sell products. I once worked for a startup, long since out of business, that had products that didn't address legitimate needs. or perhaps they couldn't explain the real business benefit. The venture capital investors came in one day and simply shut down the company, effective
immediately. We all went home that day with our personal items, before lunch.
That all said, there is still a legitimate need for effective security tools. Ask anyone who runs a website. I have worked in companies where many people got infected. Malwarebytes fulfills a legitimate need for me. The paid version warns me immediately if I try to go to a problem website.
Phil Burton