Now he coordinates the software development process inside the company and develops strategic plans for future versions.
What do you see as the biggest security threats today?
It is definitely a human factor. There are a lot of technical measures today: you can install the words' best firewall, antivirus, anti-spyware; implement an extremely good security policy; provide a few complex levels of authentication to protect your critical data -- and still do not get the appropriate security level simply because the human nature remains the same, most of today's attacks are still based just on that.
What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?
The balance between security, privacy and convenience. You can get only two of three, but not all together -- e.g. security and privacy, but such solution will not be convenient. Or you can trade the privacy for security plus convenience. Finally, privacy plus convenience usually means no or bad security.
In your opinion, how important are passwords in the overall security architecture?
Extremely important. Of course, there are a lot of other solutions such as smart cards, biometric etc, but passwords is the most convenient and so widely-used type of authentication in most systems and applications. The intruiders always attack the "weakest link", and that could be just one weak password for the minor rarely-used program you did not care about because you thought it is not so important.
According to recent case studies, 75% of people use the same, single password for all applications they work with -- which means that bad guys can get it easily, for example, from email client on instant messaging program, and gain access to all your data, even those that you though is unbreakable (such as PGP).
What challenges do you face in the marketplace? What do you see as your advantages?
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.