If we really want to tackle security issues, we need to rethink how we analyze the attacks and how we deal with the open holes that make us vulnerable.
At the RSA Conference in San Francisco Wednesday, McAfee CEO Dave DeWalt told the audience that it is time for to quit looking at threats--and treating them--in silos. Anti-spam software is watching the e-mail inbox. Anti-virus software is watching the PC itself, looking for malware, trojans and so on. A firewall is supposed to keep the bad guys out and Web filters are supposed to be keeping us off sites that have been identified as being bad.
DeWalt spoke of a multi-layered, multi-correlated approach where security solutions are embedded everywhere--in chipsets, in storage products or peripherals, for example. From there, we need to communicate what we know, what we’ve learned and what we continue to discover with a central intelligence database where the data about vulnerabilities can be compiled.
For a company like McAfee, this approach becomes a game changer.
Instead of taking the information that’s out there--new signature files for a piece of malware, for example--and pushing that information to the end-users, a newer, better, cloud-based approach is to keep that information current in a global database and allow the end-user’s machine to talk to the database so it can pull information about the file or e-mail or application in question.
DeWalt noted that his forecast for the future isn’t all doom and gloom, largely because companies are getting smarter about their approach to security. But he also didn’t want to offer some sort of false hope that the threats might start slipping as we get smarter about handling them.
As economic conditions deteriorate, reports of malware and denial of service attacks start to rise. The bad guys are feeling the economic pinch, too, and they’re counting on a few of you to respond to a get-rich-quick offer that might appear in your inbox.
This article was first published as a blog post on ZDNet.