RE: APT Equals FUD
Thanks for this, John. I think people would rather not talk about security - on a basic level, it's not as 'fun' as talking about the latest gadget or 'X as a Service', and on a deeper level, as you point it, it's scary and can even breed mistrust and confusion. It's no wonder that people don't want to talk about it! But, it's important that we do, and I'm glad to see that Interop still has a whole track devoted to security and that we have accredited professionals like you willing to write articles like this and advise your peers on best practices. You'll certainly get no argument from me for caling them out on FUD.
What you call FUD is no stranger to people from many industries, but when you're talking about information security there's a special way that you can make it sound scary. There what you call the 'known unknown' and the 'unknown unknown' - you can never know what you don't know, and nefarious people on the other side of the world could be up to anything. That's not a myth at all, either - there are some scary stories about government-sponsored espionage and worse. That being said, I agree that it's pretty unlikely these people are calling their work 'advanced persistent threats', and that means we probably shouldn't either. Let's focus on beefing up our security.