A problem arises when a company puts too much faith into one product or solution when the reality is that no one product is capable of adequately protecting every level of an organization. A unified framework of solutions that also anticipates what may be of value to an attacker is what will at least keep a company a few steps ahead of the game.
What do you see your clients most worried about?
I think for the most part, our customers are worried about business grinding to a halt because communications systems are incapable of performing as they should. I believe clients are worried about providing a secure means of communication. By keeping their communication network secure, they're able to avoid being taken offline by a virus or some other type of malicious attack. People who already have excellent AV solutions in place are concerned about the number of attacks finding a way into their network and they're aware of how quickly the window of vulnerability is being taken advantage of by hackers. They don't want to wait for their vendors to provide patches or devise complex workarounds, they want to know that they're being protected from every possible angle. In-essence, our clients have a valid business need to use e-mail and the internet, but are finding that they need to restrict access for purposes of security, and THAT impacts business.
The real enlightening thing for our customers is that regardless of what email security gateway or AV solution they have in place, we can go into their organization and within hours show them what's getting through. We're catching zero-day attacks, even though many companies have policies to mitigate and manage outbreaks in a reactive and expensive manner. Our solution is catching the things that make it through their existing defenses and REDUCING the time required for cleanup and restoration
Based on the feedback you get from your clients, are there more internal or external security breaches?
I would say that there are valid reasons for concern for BOTH internal and external protection. Most companies still have a higher level of trust for internal security. Unfortunately, a small number of individuals have betrayed that trust, generating the need for increased attention on internal security breaches. However, the majority of attempts from malicious entities are based OUTSIDE of the organization. Wise IT administrators will pay close attention to BOTH internal and external layers of protection.
What challenges do you face in the marketplace? What do you see as your advantages?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.