RSS Alerts

Share

More services

Related Links

Related Stories

  • RSA: Symantec CEO Enrique Salem calls for automated information security
    In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape.
  • Researching the Security Researchers
    The security industry doesn’t have it easy. For every virus it detects and prevents, several new ones are being designed for maximum impact and damage. Information security researchers are up against a deluge of malware writers. Wendy M. Grossman reports on how they keep up
  • Does Web 2.0 Need Security 2.0?
    With the proliferation of Web 2.0 services, security concerns have escalated. Davey Winder investigates how infosec vendors are addressing these challenges and wonders whether security 2.0 actually exists
  • Does Web 2.0 need security 2.0?
    With the proliferation of Web 2.0 services, security concerns have escalated. Davey Winder investigates how infosec vendors are addressing these challenges and wonders whether security 2.0 actually exists
  • Like falling off a log
    System logs haven’t really changed since the days of the IBM 360, but the need to manage them effectively for security purposes certainly has. Danny Bradbury finds out why log management is so important – and why we aren’t doing it properly

Top 5 Stories

News

RSA: Symantec CEO Enrique Salem calls for automated information security

22 April 2009

In his keynote at RSA in San Francisco, Symantec CEO Enrique Salem called for a significant shift in the way vendors and end-users approach information security. Change, said Salem, is needed to fight the current targeted threat landscape.

Salem’s primary message to his audience was that of automation and risk-based, information-centric security. “The current security model isn’t working - it’s time for us to operationalise security, it puts you in control” said Salem.  “Information protection is the most important lesson for organisations”, he continued.
 
“Security practitioners are tired of working with different point products – they want to be able to respond and remediate threats very quickly through automation, which many don’t have today” said Salem. “We have to bridge the gap between security and everyday IT operations. Security needs to be more pro-active and more measurable”.
 
Symantec’s Salem spoke about the cat and mouse game that the vendors are playing with the hackers. “In 2008 we saw 1.6 million new signatures being created. This pales in comparison to the amount of threats we’re seeing every day...Attackers are shifting their attacks – using micro-distribution to target individuals to steal their information”.
 
“Protecting information becomes harder as the environment becomes more complex. Employees are also starting to bring their own devices into their work environment. How can you virtualise the environment while driving security?” continued Salem.
 
Salem said that IT teams must apply a risk-based, information-centric, responsive and workflow-driven approach to security; even more essential considering that many computing environments are moving to the cloud. “Measuring risk before automatically applying the appropriate policies and processes to deal with them will save companies money, and thus become more effective”, advised Symantec’s Salem.
 
“Companies shouldn’t have to choose between productivity or security – it shouldn’t be an either/or situation” said Salem.

Salem suggested that Symantec and other vendors should work together to develop standards and share best practices surrounding risk management. This echoed head of RSA, Art Coviello’s sentiments as expressed in his opening keynote.
 
Symantec’s CEO also suggested that government adhere to this change. “We need our new administration to operationalise security at the federal level. We need a cybersecurity person in charge of cyber security reporting in to the president”.
 
“You can absolutely operationalise security – you need to create a culture of confidence and allow your business to grow and thrive. Put the right policies in place to work for you and be in control. We have to operationalise security”, Salem concluded.
 
Salem took over for former Symantec chief executive John Thompson on April 4.

This article is featured in:
Application Security • Business Continuity and Disaster Recovery  • Compliance and Policy  • Data Loss  • Identity and Access Management  • Internet and Network Security • Malware and Hardware Security • Public Sector  • Wireless and Mobile Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012