How Nintendo went its own way
Changing instilled paradigms was a constant through Fils-Aime’s career, he said, from reinvigorating the Panda Express fast-food chain to launching the Nintendo Wii and the Nintendo Switch.Fils-Aime said he joined Nintendo just as the video-game industry was entering a slump. Sony and Microsoft were focusing on more powerful hardware with the latest graphics and CPUs, but the games that ran on their systems were starting to all look the same.Nintendo took another tack, he recalled. It decided that game controllers were getting too complicated, especially for younger children. Even the GameCube controller had 11 different control buttons and joysticks.So Nintendo simplified the controller interface. It introduced the DS with a touchscreen and stylus so that gameplay could be more intuitive, creating a whole new category of handheld games.Then it brought out the Wii, which was underpowered compared to the Xbox 360 and PlayStation 3, but had a radically different motion-sensitive controller that anyone, young or old, could quickly learn to use.It was during the run-up to the launch of the Wii that Fils-Aime took one of the biggest risks of his career. The Nintendo leaders in Japan felt they had a sure-fire hit on their hands with the Wii Sports game, and they wanted to take the traditional route by selling it as a stand-alone game for $50 a copy.File-Aime saw it differently.”I thought that Wii Sports encapsulated everything that the Wii was all about,” he said. “I negotiated for months to have Wii Sports bundled with the Wii.”A compromise was reached. Nintendo would bundle Wii Sports with each new Wii — but only in the Americas and Europe. In Asia, the two would be sold separately.For that reason, Fils-Aime said, the Wii was a bigger hit in the U.S., Latin America and Europe, where new owners could get the full Wii experience right out of the box, than in Nintendo’s home market. He recounted that adults were playing Wii Sports in bars and on cruise ships, greatly expanding the market for video games.”I think that was key to the success of the Wii,” he said.
Containing costs while curbing attacks
We usually see the cybersecurity industry as one half of a spiraling arms race, developing ever more complex, sophisticated solutions to counter similarly clever and intricate attacks. To keep up, organizations must spend staggering amounts of money to buy and implement the latest platforms and defense methods.This approach isn’t working, said Dr. Chase Cunningham, a former U.S. Navy and NSA cryptologist who is now vice president of security-market research at G2. Despite the money spent on cybersecurity — more than on cancer research, he said — the rate of high-profile breaches is not slowing down.Cybersecurity spending keeps rising, Cunningham pointed out, even as the cost of entry into the cybercrime industry keeps falling. Anyone can now become a cybercriminal and use attack tools and techniques that were once exclusive to nation-states.”The cyberwarfare playing field is level,” Cunningham said. “Everybody, everywhere is a potential cyberwarfare actor.”Expensive solutions are not the answer, he said. Instead, the most successful cybersecurity defenses are often the simplest: least-privilege access, allowlisting, zero trust. And despite 30 years of trying, the cybersecurity industry still hasn’t been able to overcome human nature.”People will always use [lousy] passwords and will always click phishing links,” Cunningham said. “We need to make it so that doesn’t matter.”To Cunningham, the cybersecurity industry — which he sees as fueled by “Patagonia-vest-wearing VCs in Silicon Valley” who “just want a 35% return” — needs disruption so that it can become more innovative.”This is an industry built on monopoly,” he said, one in which the top 12 vendors compromise half the global market while thousands of smaller firms fight over the other half.The smaller firms are where the innovation happens, Cunningham said. And when something new and useful is developed by a small vendor, one of the bigger firms buys the company and either uses it or shuts it down.So don’t trust the experts, Cunningham urged. Disrupt your mindset. Question the validity of every new cybersecurity acronym. Question the authority of market-research firms and ask why you pay so much money to subscribe to their reports.”The only marketing quadrant you need to be in,” he told the Zero Trust World audience, “is the one for intelligent people who are prepared.”
Success with simple solutions
In a presentation on the last day of Zero Trust World, Jenkins recommended that organizations create a baseline for their security stances by taking the simple steps that Cunningham mentioned — no expensive platforms necessary.”We accept that users are going to put their passwords into malicious sites,” Jenkins said, suggesting proactive remedies such as blocking access to browser session cookies, closing unused ports and applying timely patches.”If you can stop a port being open to the world, that really helps,” he said, “Some people never patch their servers, because they figure if it ain’t broke, don’t fix it. But it is broken! That’s why there’s a patch.”Jenkins did pitch ThreatLocker’s own ring-fencing software, which prevents any application from performing tasks outside its normal range of functions. But he added that the company’s entire business model is about making sure that if users do click on phishing links, it won’t compromise security. “Our job is to make your life easier,” he told the Zero Trust World audience.
