RSS Alerts

Share

More services

Related Links

Related Stories

  • RSA: Symantec CEO Enrique Salem calls for automated information security
    In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape.
  • Researching the Security Researchers
    The security industry doesn’t have it easy. For every virus it detects and prevents, several new ones are being designed for maximum impact and damage. Information security researchers are up against a deluge of malware writers. Wendy M. Grossman reports on how they keep up
  • The Approaching Mobility Maelstrom
    Last year Drew Amorosi polled the Infosecurity editorial board on their predictions for 2011. This year he decided to broaden the sample and find out what the rest of the industry are talking about. What he received was an overdose of mobile security warnings
  • Obstacles Facing the US Cybersecurity Initiatives
    Although the US government is paying more attention than ever to the issue of cybersecurity, the recent battles in Washington over budgets and austerity measures mean that funding could potentially dry up in an instant. Fred Donovan surveys the experts to get their take on where the nation’s cybersecurity program is heading
  • Research claims email no longer the main source of e-discovery requests
    Research just released by Symantec claims to show that email is no longer the primary source of information for legal e-discovery requests, meaning that firms must now be prepared to produce information from more sources than ever before.

Top 5 Stories

News

RSA: Symantec CEO Enrique Salem calls for automated information security

22 April 2009

In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape.

 

Salem’s primary message to his audience was that of automation and risk-based, information-centric security. “The current security model isn’t working - it’s time for us to operationalise security, it puts you in control” said Salem.  “Information protection is the most important lesson for organisations”, he continued.
 
“Security practitioners are tired of working with different point products – they want to be able to respond and remediate threats very quickly through automation, which many don’t have today” said Salem. “We have to bridge the gap between security and everyday IT operations. Security needs to be more pro-active and more measurable”.
 
Symantec’s Salem spoke about the cat and mouse game that the vendors are playing with the hackers. “In 2008 we saw 1.6 million new signatures being created. This pales in comparison to the amount of threats we’re seeing every day...Attackers are shifting their attacks – using micro-distribution to target individuals to steal their information”.
 
“Protecting information becomes harder as the environment becomes more complex. Employees are also starting to bring their own devices into their work environment. How can you virtualise the environment while driving security?” continued Salem.
 
Salem said that IT teams must apply a risk-based, information-centric, responsive and workflow-driven approach to security; even more essential considering that many computing environments are moving to the cloud. “Measuring risk before automatically applying the appropriate policies and processes to deal with them will save companies money, and thus become more effective”, advised Symantec’s Salem.
 
“Companies shouldn’t have to choose between productivity or security – it shouldn’t be an either/or situation” said Salem.

Salem suggested that Symantec and other vendors should work together to develop standards and share best practices surrounding risk management. This echoed head of RSA, Art Coviello’s sentiments as expressed in his opening keynote.
 
Symantec’s CEO also suggested that government adhere to this change. “We need our new administration to operationalise security at the federal level. We need a cybersecurity person in charge of cyber security reporting in to the president”.
 
“You can absolutely operationalise security – you need to create a culture of confidence and allow your business to grow and thrive. Put the right policies in place to work for you and be in control. We have to operationalise security”, Salem concluded.
 
Salem took over for former Symantec chief executive John Thompson on April 4.

 

This article is featured in:
Business Continuity and Disaster Recovery  • Data Loss  • Identity and Access Management  • Internet and Network Security • Malware and Hardware Security • Public Sector  • Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012