Midsize Enterprise Summit: CA's Kafkarkou Says Best Defense Is Strong IT Offense
"Our projection is that thirty million instances of malware will occur in 2010. And it's not just the volume. The complexity has also increased," Kafkarkou said Tuesday during a tech symposium at Midsize Enterprise Summit East in Miami. "The complexity of this stuff is growing exponentially. The motivation has moved from [planting] a virus be purely sinister. They're after you're money."
With that in mind, it's no longer enough for midsize companies -- or companies of any size -- to just protect malware at the end point, Kafkarou said.
"Often we have multiple security offerings from multiple vendors managing your environment," he said. "But I wonder do we know the complete risk of managing this across many platforms?"
There are too many real life instances of even big organizations falling victim to security intrusions, Kafkarkou said. "The majority of instances are not because of the product. It's because of a lack of best practices and not staying current with the system. I can't tell you how many big institutions, banks, government agencies who say, 'We're double protected. We have great products,' and then someone off network plugs in a USB key [and inserts malware]."
Online intrusion is the biggest driver for threats but off-network intrusion is just as dangerous, Kafkarkou said.
"You need a multi-layered security solution because the world is complex. You have to strike balance, particularly in the midmarket where you don't have a lot of resources," he said. "You have to balance between running the business and managing the risk of running the business. It's not an easy balance to achieve."
In particular, root kits, which sit between the operating system and the hardware are a big threat, he said.
CA plans to integrate its strongest anti-root kit protection to date into its security products over the next couple of months, included the upcoming CA Total Defense r12, he added. In developing Total Defense, CA engineers spent the biggest amount of time looking at the day of a network administrator to better understand how a security solution could more easily help them solve problems, according to Kafkarkou.
"If you only have deployed in your midsize company an end point anti-malware offering, that's not enough. If you only have a gateway security offering, that's not enough. If you only have a firewall appliance, that's not enough," he said. "Imagine before it hits the end point, 81 percent of threats are detected and removed. That's why you need multiple layers of security that's what Total Defense r12