Managing the threat landscape
Written by Neil Sutton Friday, 18 April 2008 06:32
When you’re the head of one of the world’s largest IT security companies, everyone wants your advice.
Dave DeWalt, president and CEO of McAfee, made a recent visit to southern Ontario to speak to customers and partners about the threats they should be most concerned about.
Dave DeWalt, president and CEO of McAfee, made a recent visit to southern Ontario to speak to customers and partners about the threats they should be most concerned about.
Not surprisingly, the news isn’t good. Malware is growing at an
exponential rate and cybercriminals are better organized than ever
before. The problem is so staggering, most people probably aren’t even
aware of how vulnerable they are. Not that DeWalt is deterred. His
company is working on solutions that should help users, both corporate
and consumer, avoid the worst of it. DeWalt spoke to Canadian Security
about advanced encryption standards, cloud computing, and how mobile
devices have changed the way we think about malware.
CSM: Why did you make a stop in Ontario?
Dave DeWalt: I was hoping to see the Maple Leafs, but they didn’t make the playoffs (laughing). No, I’m here for a number of reasons . . . first and foremost a number of customer and partner events that we have going on here. We’re doing a security seminar. We’ve had well over 100 customers come, as well as our partners. I did a keynote talking about McAfee’s vision and trends in the marketplace.
We have a large development centre near Toronto in Waterloo and it does all our development operations for our consumer business. It gave me a chance to meet the employees, do a tour and meet some customers too.
CSM: What are you doing as a company to address growth in malware and the continuing rise of cybercrime?
DD: One of the things that I talked to (in my keynote) was some of the startling trends occurring in the marketplace, most notably around the amount of malware we’re seeing and the sophistication of cybercrime and cyberterrorism. We have a chance at McAfee to see a lot of trends that are happening with malware. In the last year, we’ve seen an exponential increase in malware. In fact, in 2007, 40 per cent of the malware that was ever produced in history was produced last year. On average last year, we saw 372 net new malware pieces every day. We’re estimating we’ll see more than 750 (a day) ”“ almost twice that of 2007. It’s a pretty amazing problem. The reality is, it’s accelerated so dramatically in the last two years, we are in a pretty challenging environment ”“ and then when it’s coupled with the amount of cybercrime that goes along with that, it’s become a daunting problem. We’re seeing pandemic-type scenarios.
CSM: When the growth rate is so alarming, how do you try to stay one step ahead?
DD: We’ve created a global framework for research ”“ our AVERT labs. Initially, that stood for anti-virus emergency response team, but it evolved into research labs that are stationed all over the world that become the early warning for major problems that the world is facing. In some cases, they receive thousands of samples a day ”“ from consumers and corporations who have been infected with something. Our labs process them and then they write signature files or DAT files to distribute back out, creating immunities to these problems.
In Waterloo, for example, we have researchers connecting with Canadian samples, just like we do in the U.S. and Japan and China and Europe. They have the ability to process them, manage them and ultimately resolve them for their local countries.
CSM: Most people have decent spam filters on their email, so they’re not always aware of the amount of spam or viruses out there. Does that create a false sense of security?
DD: Spam is an interesting problem. What we’re talking about is the adware market, which is generally perceived to be spammers. The way viruses were once transmitted, either through email or through physical kinds of mechanisms ”“ one computer at a time ”“ has changed dramatically with the advent of virtualization, the Web and mobile computing. It’s changed a lot. We see a lot of different threats. It used to be, “Hey, I’ve got a virus on my computer.” But now, it’s “Somebody’s watching everything I’m doing on my computer.”
CSM: If you were talking to an IT manager or security manager in a company, what would your advice be?
DD: It’s a little different depending on the size of the corporation. Obviously, larger corporations already have a lot of security infrastructure. Part of our value proposition has been to reduce the complexity while giving a higher protection/lower cost model. In the past, a lot of people have been trying to solve problems by throwing a lot of different vendor products at them. Over time, that creates even more complexity and bigger cost. So it’s a different problem for the enterprise.
For smaller companies and start-ups, there’s a series of technologies that can be on the premises as well as in the cloud. What I mean by “in the cloud” is security as a service. If I was looking to solve this problem today, I would look at technology that offered me a fast model to solve my security problems, which is something enterprises can’t always do but smaller companies can. For example, McAfee, as well as some of our rivals, has a very advanced capability as a service online that can automatically scan, remediate as well as immunize small businesses from problems. In our case it’s TOPS for small businesses (total protection suite).
CSM: Last year you bought a company called SafeBoot, which offers encryption products. How do you plan to incorporate that technology into your existing security software?
DD: SafeBoot has been a very strong asset for us already. SafeBoot focuses on a market segment called data protection: full disk encryption, file encryption . . . Think of your laptop as a vulnerability in that if you lost your laptop, someone could pull the disk out and get everything on the disk. What this technology enables you to do is encrypt the entire drive and make that drive useless through what’s called 512 AES (advanced encryption standard) encryption, which has never been broken. It prevents data loss or data theft.
This has been important for legislation that been administered around the world for PCI (payment card industry). PCI has produced a certain set of mandates that requires anybody who has access to consumer data ”“ like credit cards or social security numbers ”“ to report it, and they have to notify every consumer of the loss of data. Sometimes it can be very embarrassing and involve penalties and fines. [Editor’s note: the Information and Privacy Commissioner of Ontario created standards for encryption following the loss of a laptop last year belonging to a Toronto physician which contained 3,300 patient records.]
The technology from SafeBoot helps companies adhere to PCI compliance as well as prevent data theft. This has been a vast, growing market for us. We’re advancing it into a whole suite of products we’re calling TOPS for data. It’s a fascinating area.
Last modified on Friday, 18 April 2008 06:39
CSM: Why did you make a stop in Ontario?
Dave DeWalt: I was hoping to see the Maple Leafs, but they didn’t make the playoffs (laughing). No, I’m here for a number of reasons . . . first and foremost a number of customer and partner events that we have going on here. We’re doing a security seminar. We’ve had well over 100 customers come, as well as our partners. I did a keynote talking about McAfee’s vision and trends in the marketplace.
We have a large development centre near Toronto in Waterloo and it does all our development operations for our consumer business. It gave me a chance to meet the employees, do a tour and meet some customers too.
CSM: What are you doing as a company to address growth in malware and the continuing rise of cybercrime?
DD: One of the things that I talked to (in my keynote) was some of the startling trends occurring in the marketplace, most notably around the amount of malware we’re seeing and the sophistication of cybercrime and cyberterrorism. We have a chance at McAfee to see a lot of trends that are happening with malware. In the last year, we’ve seen an exponential increase in malware. In fact, in 2007, 40 per cent of the malware that was ever produced in history was produced last year. On average last year, we saw 372 net new malware pieces every day. We’re estimating we’ll see more than 750 (a day) ”“ almost twice that of 2007. It’s a pretty amazing problem. The reality is, it’s accelerated so dramatically in the last two years, we are in a pretty challenging environment ”“ and then when it’s coupled with the amount of cybercrime that goes along with that, it’s become a daunting problem. We’re seeing pandemic-type scenarios.
CSM: When the growth rate is so alarming, how do you try to stay one step ahead?
DD: We’ve created a global framework for research ”“ our AVERT labs. Initially, that stood for anti-virus emergency response team, but it evolved into research labs that are stationed all over the world that become the early warning for major problems that the world is facing. In some cases, they receive thousands of samples a day ”“ from consumers and corporations who have been infected with something. Our labs process them and then they write signature files or DAT files to distribute back out, creating immunities to these problems.
In Waterloo, for example, we have researchers connecting with Canadian samples, just like we do in the U.S. and Japan and China and Europe. They have the ability to process them, manage them and ultimately resolve them for their local countries.
CSM: Most people have decent spam filters on their email, so they’re not always aware of the amount of spam or viruses out there. Does that create a false sense of security?
DD: Spam is an interesting problem. What we’re talking about is the adware market, which is generally perceived to be spammers. The way viruses were once transmitted, either through email or through physical kinds of mechanisms ”“ one computer at a time ”“ has changed dramatically with the advent of virtualization, the Web and mobile computing. It’s changed a lot. We see a lot of different threats. It used to be, “Hey, I’ve got a virus on my computer.” But now, it’s “Somebody’s watching everything I’m doing on my computer.”
CSM: If you were talking to an IT manager or security manager in a company, what would your advice be?
DD: It’s a little different depending on the size of the corporation. Obviously, larger corporations already have a lot of security infrastructure. Part of our value proposition has been to reduce the complexity while giving a higher protection/lower cost model. In the past, a lot of people have been trying to solve problems by throwing a lot of different vendor products at them. Over time, that creates even more complexity and bigger cost. So it’s a different problem for the enterprise.
For smaller companies and start-ups, there’s a series of technologies that can be on the premises as well as in the cloud. What I mean by “in the cloud” is security as a service. If I was looking to solve this problem today, I would look at technology that offered me a fast model to solve my security problems, which is something enterprises can’t always do but smaller companies can. For example, McAfee, as well as some of our rivals, has a very advanced capability as a service online that can automatically scan, remediate as well as immunize small businesses from problems. In our case it’s TOPS for small businesses (total protection suite).
CSM: Last year you bought a company called SafeBoot, which offers encryption products. How do you plan to incorporate that technology into your existing security software?
DD: SafeBoot has been a very strong asset for us already. SafeBoot focuses on a market segment called data protection: full disk encryption, file encryption . . . Think of your laptop as a vulnerability in that if you lost your laptop, someone could pull the disk out and get everything on the disk. What this technology enables you to do is encrypt the entire drive and make that drive useless through what’s called 512 AES (advanced encryption standard) encryption, which has never been broken. It prevents data loss or data theft.
This has been important for legislation that been administered around the world for PCI (payment card industry). PCI has produced a certain set of mandates that requires anybody who has access to consumer data ”“ like credit cards or social security numbers ”“ to report it, and they have to notify every consumer of the loss of data. Sometimes it can be very embarrassing and involve penalties and fines. [Editor’s note: the Information and Privacy Commissioner of Ontario created standards for encryption following the loss of a laptop last year belonging to a Toronto physician which contained 3,300 patient records.]
The technology from SafeBoot helps companies adhere to PCI compliance as well as prevent data theft. This has been a vast, growing market for us. We’re advancing it into a whole suite of products we’re calling TOPS for data. It’s a fascinating area.
Published in
News
-
Sécurité Québec welcomes a new editor
Eric Cloutier outlines his plans for the next era of the French language security magazine for the Quebec market
2013
2012
