The industry reflects, looks ahead

By Staff, ZDNet Asia
Friday, March 14, 2008 06:39 PM

Ashley Wearne, McAfee's vice president for Australia, New Zealand, Southeast Asia and India

Ashley Wearne,
McAfee

As threats evolve and grow, enterprises can no longer depend on a motley collection of standalone security products, and they need an integrated security approach.

Q. Gartner issued a report warning IT heads to prepare a recession budget. What is your view?
Wearne: The business reality is CIOs and security managers have always had to compete with other corporate functions for funds. CIOs are well-schooled in doing more with less.

At McAfee, we are able to help our customers with ways to model the benefits of security technology and show their impact on risk reduction. This allows them to have a quality conversation with the business people regarding their security spend.

Name three hot technologies to watch in 2008, and explain why.
The first is data loss prevention. Enterprises are realizing that loss of data and leakage of confidential information is the most important security threat. As enterprises give employees more access to information, there are more opportunities to lose information--through USB thumb drives, e-mail, disk drives, employees who cut and paste data or post information on online forums and Web sites. While organizations want to give employees a lot of tools, they also need to identify the most important data, who has access to those data, and how to control access.

Moving ahead in 2008

1.	Socializing goes big in 2008
2.	The urge to merge in 2008
3.	New chips on the block
4.	Web threats dominate security landscape
5.	Battle for the mobile platform space in 2008
6.	The industry reflects, looks ahead

Looking back on 2007

1.	Looking back at 2007 with envy
2.	Predictions that went right and wrong
3.	2007's movers and shakers

A McAfee study found that six in 10 companies suffered loss of confidential data last year, and one out of every three IT decision makers believes that a major data loss incident could be serious enough to put their company out of business. Enterprises are beginning to invest in security solutions that will help them control data loss and leakage. Analyst predictions are that every company will adopt data loss protection technology over the next three years.

The second is network intrusion prevention, integrated with network access control (NAC). As soon as a user connects to the Internet, he is exposed to threats that can come from anywhere in the world and from any source--e-mail, Web surfing, spyware. In addition, today's attacks are stealthy and complex.

The deployment of network intrusion prevention devices remains a high growth component in enterprise security strategy. IPS systems keep networks and network-connected devices safe with comprehensive threat prevention. Today's IPS technology is much advanced, with ability to monitor access policy and the users who have already connected to the network. If the network traffic from those users subsequently breaks corporate policy (for example, due to rogue programs or illegal sign-ons or virus) they can be removed from the network to a quarantine area and remediated automatically.

The third is blade appliances to handle security functions. The increasing speed of networks from 1Gb to over 10 Gb leads to massive increases in the amount of traffic to be inspected at the gateway for malicious content. Additionally the continually increasing volumes of spam and legitimate e-mail are resulting in demand for much higher throughput at the gateway. Of course, with these increases in speed and data volumes, downtime is even less acceptable, and the need for expansion an even more important criteria.

Blade appliances with extra high speed throughput will make a big entry into the security space in 2008 to handle gateway traffic inspection.

The biggest mistake I see CIOs make is...
... Undertaking new security technology projects without including integration between technologies as a criteria. As threats evolve and grow, enterprises can no longer depend on a motley collection of standalone security products, and they need an integrated security approach.

As they are likely to use products from more than one vendor, it is important to ensure the products automatically communicate with each other, and in the event of an attack on the network, the different technologies are able to put into motion a series of events to identify, contain and fix the problem.

Work-life balance is...
... A false expectation. Expectations are not realistic because of two reasons. One, people think that the balance must be there every day and, two, people think that to have balance, time spent at work and outside of work must be equal. Work needs to be a subset of our life, and since it's our life, we must take more control of it and not just hand it over to the company.

Lenovo

Motorola

0

0 votes

Save to My Library

Talkback 0 comments

There are currently no comments for this post.

Reply to story

Featured Whitepapers

Tech Jobs Now!

TechGuides

Specials
News and Interviews
Whiteboard

UOB banks on economic downturn
Singapore bank's IT chief Susan Hwee explains how financial crisis offers new opportunities to reengineer
Play video
Domino's Pizza keeps customers eating
CEO Don Meij discusses strategy to grow customer base
Play video

Salesforce CEO chatters about new social media platform
Facebook-type app hits the enterprise
Play video
Salesforce demos Service Cloud 2
New Web-based tools for customer service
Play video

Cost Effective, Secure and HA Server Infrastructure for SMBs
Alan Wan from Dell illustrates how small and medium businesses can build a high availability IT infrastructure without requiring heavy investments on skills and resources.
Play video
Enterprise 2.0
Vince Casarez, vice president of product management at Oracle, explains how Web 2.0 technologies, such as tags, wikis, and mash-ups, can be applied within an organization.
Play video