[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISN] Cyber-Threats Outpace Security Measures, Says McAfee CEO


By Richard Martin
September 18, 2007 

Despite the increase in government compliance requirements and the 
proliferation of security tools, companies continue to underestimate the 
threat from phishing, data loss, and other cyber vulnerabilities, new 
McAfee CEO David DeWalt said Tuesday.

In a keynote address at the InformationWeek 500 conference in Tucson, 
DeWalt said "it's amazing how low the awareness is of cyber-security 
threats" among both government officials and corporate executives. "As 
the world has flattened, we've seen a significant amount of emerging 
threats from increasingly sophisticated groups attacking organizations 
around the world."

Citing recent highly publicized corporate data breaches that have beset 
major companies like Ameritrade, Citigroup, and Bank of America, DeWalt 
said that cyber-crime has become a $105 billion business that now 
surpasses the value of the illegal drug trade worldwide.

Last week Internet stock trading company TD Ameritrade Holding said that 
one of its databases had been hacked by a thief who obtained personal 
information on some of its customers. Yesterday, an attorney launching a 
class-action lawsuit against Ameritrade claimed the online brokerage 
knew that someone had compromised its database as early as one year ago. 
An Ameritrade spokeswoman told InformationWeek that all of the company's 
6.3 million accounts opened before July 18 of this year were exposed.

Worldwide data losses now represent $40 billion in losses to affected 
companies and individuals each year, DeWalt says. But law enforcement's 
ability to find, prosecute, and punish criminals in cyberspace has not 
kept up: "If you rob a 7-11 you'll get a much harsher punishment than if 
you stole millions online," DeWal remarked. "The cross-border 
sophistication in tracking and arresting cyber-criminals is just not 

Looking ahead to new forms of threat detection and enterprise data 
security, DeWalt outlined five major trends that will reshape the 
security industry and transform how companies secure their corporate and 
customer information in the next few years.

The first is industry consolidation, as the large number of small 
vendors become acquired or give way to larger companies. "The security 
market will go through the same transition that other industries have," 
DeWalt said. "Right now you've got 50 or 60 vendors out there, and 
customers are faced with the questions of how do you integrate all those 
solutions, and create interoperability between them? It's not 

With vendor consolidation will come the transition from multiple 
security agents on desktops and laptops to what McAfee terms "unified 
threat management," with a "single pane of glass" that allows IT 
managers to monitor and manage systems and devices across the entire 
network through a single console or platform.

Second, the increase in cyber-threats has fueled a rapid growth in 
compliance requirements as the federal government tries to mandate 
higher levels of security and protection of sensitive consumer and 
patient data. "There's a lot of legislation around industries forcing 
them to comply with various standards for customer protection," said 
DeWalt, including payment-card industry regulations, Sarbanes-Oxley 
reporting requirements for public companies, and the 1996 Health 
Insurance Portability and Accountability Act.

In fact, along with many corporate executives in the U.S., DeWalt 
believes that "the pendulum has swung too far" toward increased 
government oversight of corporations and the customer data they control, 
causing American companies to lose their competitive edge to businesses 
in other countries with less-stringent compliance requirements, 
particularly in Asia.

The third important trend is the movement of security protection from 
the perimeter of corporate networks toward the data layer itself: 
"Traditional security has always been concentrated on the perimiter, on 
endpoint devices, particularly with firewalls," DeWalt noted. "The focus 
now is on thinking about data-oriented security" by classifying certain 
types of data so that it cannot leave the corporate network or 
company-owned devices.

That is especially important because some 70% of all data losses are 
caused by insiders of one sort or another.

Fourth, companies are facing new challenges as server virtualization 
spreads across many industries and many types of industries. 
"Virtualization is an amazing juggernaut in terms of security risk," 
said DeWalt, listing non-compliant virtual machines, VM-aware threats 
that can subvert countermeasures, the propagation of infected 
virtualization images, and "hyperjacking," or the potential for a single 
breach to offer simultaneouos access to many machines across a 
virtualized environment as some of the emerging risks.

"Managing and protecting a single physical endpoint is much different 
than managing security virtually," DeWalt said.

Finally, the emergence of new platforms and devices presents 
cyber-criminals with new targets for hacks and phishing scams. Mobile 
devices such as smartphones and voice-over-IP systems are inherent more 
vulnerable than traditional clients and telephony services.

McAfee and its competitors are bringing out new products and technology 
to deal with these emerging threats, said DeWalt, but the advantage for 
the moment still lies with the evildoers in cyberspace. "We're in inning 
two of a nine-inning game here," he concluded.

CSI 2007 is the only conference that delivers a business-focused
overview of enterprise security. It will convene 1,500+ delegates,
80 exhibitors and features 100+ sessions/seminars providing a
roadmap for integrating policies and procedures with new tools
and techniques.  Register now for savings on conference fees   
and/or free exhibits admission. - www.csiannual.com