Welcome!

Linux Authors: Frank Huerta, Pieter Van Heck, Esmeralda Swartz, Gary Kaiser, Dana Gardner

Related Topics: Virtualization, Java, XML, Wireless, SOA & WOA, Linux

Virtualization: Article

Exclusive Interview with Robert A. Clyde, CTO Symantec

Exclusive Interview with Robert A. Clyde, CTO Symantec

The recent RSA Conference in San Francisco was well-attended by IT pros and the industry's leading security experts and executives. Among the crowd was Rob Clyde, the CTO at Cupertino, CA-based Symantec, one of the world's leading security software companies.

Q: Where is IT security going in a general sense?

Rob Clyde: Threats continue to increase in frequency, complexity, and speed. In 2003, we saw 900 million malicious code attempts and 140,000 network intrusion attempts. There were also seven new vulnerabilities discovered per day. We've reached an inflection point where today’s threats now move faster than our ability to respond. In the future we need proactive security strategies that enable us to get ahead of these ultra-fast spreading worms.


Q:
How are today's Chief Information Officers going to be sure that an enterprise, with tens of thousands of desktops, hundreds of servers, and dozens of partners and vendors with network access, will be secure and protect itself from blended attacks such as Blaster and Slammer?

RC: Protecting against today's blended threats requires an integrated approach to security. That means protecting the gateway, server, and client layers with multiple technologies including antivirus, intrusion detection software, firewalls, VPN, and vulnerability management integrated into one seamless solution.


Q:
Is perimeter security is enough in your view, or do CISOs now have to layer disparate security products at multiple tiers within their enterprise? If so, how do they do that most efficiently, and how do they best manage the process?

RC: Well, it is clear that the perimeter is disappearing and that a comprehensive approach to security offers the best protection. Integrated security solutions enable centralized configuration, deployment, installation, and policy management with simultaneous signature updates and rule changes as necessary. This type of integration enhances security and manageability while optimizing performance and return on investment.

This approach helps reduce the overhead, risk and administrative headaches that are common with disparate point products from multiple vendors. It also eliminates interoperability issues and simplifies the support and service environment.

At the same time it's clear that traditional security products and services only solve a portion of the end-to-end management challenge. Customers also need corporate-wide capabilities to centrally plan, track, and apply system hardware and software changes, including software distribution, configuration and patch management, and software license usage.

More Stories By Roger Strukhoff

Roger Strukhoff is Executive Director of the Tau Institute for Global IoT Research, (@IoT2040), with offices in Illinois and Manila. He is Conference Chair of @CloudExpo & @ThingsExpo. He is also Editor of SYS-CON Media's Cloud Computing Journal & IoT Journal & & writes for Computerworld Philippines. He has a BA from Knox College, Technical Writing Certificate from UC-Berkeley, and conducted MBA studies at CSU-East Bay.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.