Interop: Security Execs Talk Up Threat Management


The increasing complexity of threats is making it more important to simplify the management of IT security systems.

That was the main theme of a Tuesday afternoon keynote at Interop 2007 in Las Vegas in which the chief executives of IBM Internet Security Systems and McAfee outlined challenges companies face in protecting their networks and data from a myriad of rapidly evolving threats.

Most enterprises have invested enormous sums of money in security appliances and security services in their efforts to protect against threats. Yet most of them are still more vulnerable than ever, said Thomas Noonan, general manager of IBM Internet Security Systems.

And that's a problem not just from a threat protection standpoint, but also because data leakage can lead to irreparable brand damage, Noonan said.

"Security is really about protecting your brand in the marketplace and preserving the ROI of the entire business," Noonan said.

In 2006, IBM ISS' X-Force security research team identified and analyzed more than 200,000 distinct malware samples, and that number is sure to increase in 2007, according to Noonan. "Signatures simply cannot react quickly enough to the constant assault of variants from malware code developers," Noonan said.

Dave DeWalt, president and CEO at McAfee, Santa Clara, Calif. said that McAfee's Avert Labs is seeing hundreds of new threats every day. "We're going to see more malware in the next 18 months than we have in the last 20 years," he predicted.

There are about 17,000 new phishing websites cropping up every month, and stolen data from these and other sources are fueling more than $50 billion per year in identity theft, DeWalt said.

The emergence of online marketplaces where vulnerability information and exploits are freely sold is also contributing to the ever growing flood of malware, DeWalt added.

The growing complexity of IT security systems, and the amount of people needed to run and maintain them, is fast becoming one of the biggest obstacles to network security, Noonan said.

In a swipe against unnamed competitors, Noonan said it's important for vendors to offer a 'true' platform that's more than just a collection of point products sold under a single brand.

"I don't mean an 'integrated system' that's really a grab bag held together by professional services. I'm talking about a platform, not a professional services engagement masquerading as a technology solution," Noonan said.

Looking at systems that prevent data leaks from a lifecycle perspective is one way for organization to better manage risk, according to DeWalt,

"Most organizations don't even have a policy around what assets are important to them. The first part is understanding your assets, then you assign business value, and then you go into protection and detection, and do it on the system and the network," DeWalt said.