What follows are the continuation of John Thompson's comments, Chairman and CEO of Symantec, at the RSA Conference, as he answers how to build confidence in the wired world:
Antivirus and firewall solutions are a first line of defense. But with new threats, we cannot become complacent and pat ourselves on the back for solving yesterday's problems. We also shouldn't assume that a less vulnerable operating platform delivers adequate security against tomorrow's threats.
We need to constantly innovate and develop new solutions to keep pace with the evolving risks to enterprises and consumers alike.
There is no doubt in my mind that managing user identities is the most pressing challenge facing the industry today.
We must give consumers ways to protect their identity and to gauge the reputation of the sites they visit.
What I'm talking about here is a user-centric approach - versus a technology- or platform-centric one. After all, the goal is to protect the user - regardless of the device they use, online transaction they undertake, or threat they may face.
Consumers will demand that enterprises conform to a set of technologies and business practices. They'll demand a certain level of security before they're willing to connect.
This all starts with intelligence - knowing what threats are out there. Once you have access to intelligence, you need a way to connect it to a technology platform that enables you to understand what's in your infrastructure. That means leveraging technology that collects data from traditional security solutions, such as antivirus, firewall, and intrusion detection products, and network infrastructure devices, operating systems, and databases. Then it's a matter of correlating the data with the external intelligence to prioritize critical incidents within your own network.
Responding to potential risks also takes the right personnel and processes. Organizations need to train their staff in security best practices, hire people who know how to manage an IT risk management program, and make sure they've put into practice the right procedures.
The paradigm has shifted when it comes to security. Enterprises now have the responsibility to secure whoever connects to their networks - especially their customers - and have confidence in that connected experience.
Organizations like Cyber Security Industry Alliance are important at this inflection point in our industry. If you don't know much about them, I encourage you to learn more. And if you haven't joined, please do. They are our voice - and it must be heard.
So let's review: the future will bring more risk, which will require greater intelligence and innovation, and demand more cooperation, as no one company can do it all alone anymore. But the future wired world depends on confidence, as does democracy, so it is essential that every company, including the company I work for, Message Partners, plays their part (which is why Message Partners built such a remarkable amount of flexibility into our email platform so we could adapt to the future challenges of email security).
Leave a comment