Latest news
Interview with Terry Dickson, CEO and Co-Founder of Avinti
by Mirko Zorz - Friday, 14 October 2005.
There are a number of factors involved in keeping sensitive information safe, but a company interested in protecting its assets will be thorough in its security assessment and ongoing auditing; the IT group will constantly evolve enterprise defenses, utilizing a number of security tools and solutions to protect every known entry point in the organization whether that be firewalls, intrusion detection, authentication, anti-spam, anti-spyware, anti-virus, etc.
A problem arises when a company puts too much faith into one product or solution when the reality is that no one product is capable of adequately protecting every level of an organization. A unified framework of solutions that also anticipates what may be of value to an attacker is what will at least keep a company a few steps ahead of the game.
What do you see your clients most worried about?
I think for the most part, our customers are worried about business grinding to a halt because communications systems are incapable of performing as they should. I believe clients are worried about providing a secure means of communication. By keeping their communication network secure, they're able to avoid being taken offline by a virus or some other type of malicious attack. People who already have excellent AV solutions in place are concerned about the number of attacks finding a way into their network and they're aware of how quickly the window of vulnerability is being taken advantage of by hackers. They don't want to wait for their vendors to provide patches or devise complex workarounds, they want to know that they're being protected from every possible angle. In-essence, our clients have a valid business need to use e-mail and the internet, but are finding that they need to restrict access for purposes of security, and THAT impacts business.
The real enlightening thing for our customers is that regardless of what email security gateway or AV solution they have in place, we can go into their organization and within hours show them what's getting through. We're catching zero-day attacks, even though many companies have policies to mitigate and manage outbreaks in a reactive and expensive manner. Our solution is catching the things that make it through their existing defenses and REDUCING the time required for cleanup and restoration
Based on the feedback you get from your clients, are there more internal or external security breaches?
I would say that there are valid reasons for concern for BOTH internal and external protection. Most companies still have a higher level of trust for internal security. Unfortunately, a small number of individuals have betrayed that trust, generating the need for increased attention on internal security breaches. However, the majority of attempts from malicious entities are based OUTSIDE of the organization. Wise IT administrators will pay close attention to BOTH internal and external layers of protection.
What challenges do you face in the marketplace? What do you see as your advantages?
A problem arises when a company puts too much faith into one product or solution when the reality is that no one product is capable of adequately protecting every level of an organization. A unified framework of solutions that also anticipates what may be of value to an attacker is what will at least keep a company a few steps ahead of the game.
What do you see your clients most worried about?
I think for the most part, our customers are worried about business grinding to a halt because communications systems are incapable of performing as they should. I believe clients are worried about providing a secure means of communication. By keeping their communication network secure, they're able to avoid being taken offline by a virus or some other type of malicious attack. People who already have excellent AV solutions in place are concerned about the number of attacks finding a way into their network and they're aware of how quickly the window of vulnerability is being taken advantage of by hackers. They don't want to wait for their vendors to provide patches or devise complex workarounds, they want to know that they're being protected from every possible angle. In-essence, our clients have a valid business need to use e-mail and the internet, but are finding that they need to restrict access for purposes of security, and THAT impacts business.
The real enlightening thing for our customers is that regardless of what email security gateway or AV solution they have in place, we can go into their organization and within hours show them what's getting through. We're catching zero-day attacks, even though many companies have policies to mitigate and manage outbreaks in a reactive and expensive manner. Our solution is catching the things that make it through their existing defenses and REDUCING the time required for cleanup and restoration
Based on the feedback you get from your clients, are there more internal or external security breaches?
I would say that there are valid reasons for concern for BOTH internal and external protection. Most companies still have a higher level of trust for internal security. Unfortunately, a small number of individuals have betrayed that trust, generating the need for increased attention on internal security breaches. However, the majority of attempts from malicious entities are based OUTSIDE of the organization. Wise IT administrators will pay close attention to BOTH internal and external layers of protection.
What challenges do you face in the marketplace? What do you see as your advantages?
Spotlight
The security of WordPress plugins
Posted on 18 June 2013. | Checkmarx’s research lab identified that more than 20% of the 50 most popular WordPress plugins are vulnerable to common Web attacks, such as SQL Injection.
Information security executives need to be strategic thinkers
Posted on 17 June 2013. | George Baker, the Director of Information Security at Exostar, talks about the challenges in working in a dynamic threat landscape, offers tips for aspiring infosec leaders, and more.
Large orgs in denial about own security breaches?
Posted on 14 June 2013. | Over two thirds (66%) of large organizations said they either had not experienced a security incident in the last 12-18 months or were unsure if they had.
Vulnerability scanning with PureCloud
Posted on 12 June 2013. | nCircle PureCloud is a cloud-based network security scanning product built upon the companies' vulnerability and risk management system IP360.
Reactions from the security community to the NSA spying scandal
Posted on 11 June 2013. | Read on for comments on this scandal that Help Net Security received from a variety of security professionals and analysts.
Daily digest
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
Weekly newsletter
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.
 |
