Interview with Bruce Hendrix, President and CEO of ServGate
by Mirko Zorz - Monday, 12 July 2004.
2) Many enterprises have invested in conventional firewall technology, blind to blended threats, or antivirus software in the host or client environment, but the multiple edge of today's modern distributed enterprise generally have not been secured adequately against the blended threat. Establishing 'trusted zones' between edge connections, such as email servers and remote access servers, is a more progressive, comprehensive defence strategy. This is an effective way of dealing with threats that originate internally so as to stem further outbreaks and also to nullify external threats that bounce from edge point to edge point probing for vulnerabilities.

Based on the feedback you get from your clients, are there more internal or external security breaches?

As outline above, the nature of the modern threat is such that it's really difficult to distinguish between external and internal threats; an external threat can quickly become an internal threat if the multiple edges and access points to business critical data are not 'redoubted' or protected by multiple layers, and internal threats can quickly become external liabilities if your network becomes vulnerable to an agent attack that uses a FTP engine to export internal documents and data, as with the Sasser attack, or uses it's own SMTP engine to harvest internal Outlook accounts and broadcast email spam attacks to the outside world, effectively diminishing your corporate reputation and brand equity. A full context security solution that scans the complete cross-section of internal and external threats is the best way to redoubt network connections.

What do you expect from the future? Is it likely for a "cyberterrorism" event to take place in the next 12 months or do you see it as media hype?

Companies and organisations are victims of a form of cyberterrorism everyday; professional hackers who invade corporate networks to slow down business performance or outright disrupt business continuity are stealing money and damaging reputations. In worse cases, the hackers cause billions of dollars of damage to computer systems or steal sensitive business or customer data. The criminal nature of the blended threat attack is evidenced by the recent arrest of the Sasser attack author.

Cyberterrorism for geopolitical reasons is still and always will be a national security threat that Homeland Security and others rightfully devote major resources to defending against. But organisations and companies of all sizes that are vulnerable to the everyday cyberterrorist's indiscriminate attacks need to take appropriate measures too to shore up their networks and seal off the threat of malicious attacks.

Spotlight

Review: Bulletproof SSL and TLS

Posted on 12 September 2014.  |  Deploying SSL or TLS in a secure way is a great challenge for system administrators. This book aims to simplify that challenge by offering extensive knowledge and good advice - all in one place.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 15th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //