I wrote recently about Pacific Northwest National Labs (PNNL) “assessment” of McAfee’s security products applicability for Energy Sector ICS. I called it a love letter and questioned how a National Lab or any other firm that does an assessment could write such gushing marketing in a “Technology Security Assessment”.
What made it even stranger was this McAfee technical marketing document appeared to be funded by the US Dept of Energy. The cover page is the picture in this post, and you can click on it to see the larger view. It has US Department of Energy logo in the top left and says “Prepared for the US Department of Energy under contract …”. Similar text is in the inside.
The only place where a reader might believe this was paid for by McAfee is on page 5 where it states “Prepared for McAfee®, Inc. Under a Related Services Agreement With the U.S. Department of Energy Contract DE-AC05-76RL01830”. At best this is vague and buried on page 5.
I received confirmation that this document was funded entirely by McAfee. McAfee paid PNNL to write a marketing whitepaper. This is not uncommon, and you see this from organizations like the ARC Advisory Group or Gartner. There are a few important differences though:
- They clearly state if the vendor paid for the research/marketing.
- It is written in a more objective assessment tone. They usually treat the vendor who paid for the research in a positive light, but the PNNL document lacked their deft touch of still making it appear to be objective.
- And most importantly — they are known to be in this business. How many people think that a National Lab will take a contract to write a marketing white paper?