McAfee CTO: Security on embedded devices must be a priority

McAfee CTO: Security on embedded devices must be a priority

Summary: McAfee's chief technology officer proposes breaking the myth that certain things don't need to be secured, and that certain things aren't securable.


SAN FRANCISCO -- We need to take a more proactive approach to security, especially on embedded devices, according to McAfee's chief technology officer Stuart McClure.

Speaking during the afternoon keynote session at the 2012 RSA Conference on Wednesday, McClure described the security scene in 2011 as "a mess, quite frankly."

"Being on the good side is not easy," admitted McClure, explaining that for cyber criminals, all they have to do is find a crack in the system to break the whole thing open.

Cyber attacks in 2011 hit everyone from the entertainment industry to governmental agencies worldwide.

"It doesn't always follow any rhyme or reason. All it takes is one little trigger," McClure posited, adding that it's only getting worse and worse.

McClure argued that most cyber threats started off based on ego.

"Bad guys wanted to prove they're smarter than you," McClure asserted. "Then they figured out that they could make a lot of money."

Over the course of the last decade, financial incentives were followed by espionage, then weaponry, and most recently, the incentive of a perceived purpose seen through hacktivism in 2010 and 2011.

McClure reminded audience goers that sometimes security breaches aren't actually that sophisticated but are successful (and damaging) all the same.

For example, when Paris Hilton's accounts were hacked, the culprits simply tried the name of her dog, "Tinkerbell," as her password -- and it worked. While it seems like a joke now to many tech insiders, there are plenty of people online who still make similar mistakes today.

McClure stressed the importance of recognizing the need for advanced security measures on more than just computers but also embedded devices, ranging from gas station pumps to cars themselves.

McAfee's CTO used the example of healthcare devices -- specifically insulin monitors for diabetes patients. Considering that 285 million people worldwide are affected by diabetes today and an estimated 438 million will be by 2030, embedded devices tracking health and statistics related to diabetes is a huge market.

Unfortunately, given how many people could be affected, this space could also become a target for cyber criminals, whether they're interested in distortion or simply making a point about whatever concerns them.


Topics: Symantec, Cisco, EMC, Health, Networking,, Security, VMware

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Security is a priority on some devices

    It's just that those devices don't play angry birds and ZDNet has made sport of bashing them (needless to say ZDNet has devolved into a consumer site).
  • Of Course

    Gee I can't see why the CTO of a security company would possibly be pushing security products for embedded devices? He would have nothing to gain from such and effort.
  • It has to work

    And I have never seen anything McAfee puts out work.
    They even break good software and combine that with poor customer support.
    McClure described the security scene in 2011 as ???a mess, quite frankly.??? And that's after you have been working on it for YEARS!
    Good JOB STUART!