Security game changes when the bad guys are backed by foreign governments
Fidelis CEO Peter George talks about the shifting threat landscape and what companies are doing to cope
Network World - Fidelis Security Systems has an interesting perspective on the world of security, working, as it does, with the U.S. government to keep other countries from prying into some of our nation's most critical networks. Now that many of those same countries are after intellectual property housed by enterprise shops, commercial customers are knocking at Fidelis' door looking for help. Network World editor in chief John Dix talked to Fidelis CEO Peter George about the shifting threat landscape and what companies are doing to cope.
Let's start with a baseline question. How do you sum up the state of enterprise security today? Are we winning or losing the war?
The conventional wisdom, which I agree with, is we're behind, the gap is getting bigger and we're at a critical moment where we need to find a different approach if we're going to protect intellectual property and the things we have at risk. And customers are really getting it now. A couple of years ago if you went to the RSA conference and talked to CSOs in the oil and gas industries about the problem of nation-state adversaries penetrating critical infrastructure, half of them would get it, but the other half wouldn't. That's all changed now. This year at RSA, that group of CSOs is huddled in a corner, not just together, but also with stakeholders from the federal government who understand the threat and the guys in ponytails and sandals who are really smart security guys trying to figure out how to get in front of the problem. It's a national security problem and everyone's very aware of it and budgets are being applied, which didn't happen a couple of years ago.
Are you seeing responses from organizations across the board, or just in key industries like financial services?
This is an evolving thing, right? So a couple of years ago it was half the critical markets and now it's everybody in that, so that's moving downstream. But everybody in the Fortune 2000 that are concerned about their security posture are concerned about this particular problem -- a nation-state, an adversary, trying to steal something for financial gain. Which is really different from the old problem of a young kid trying to hack the network for fun. So the stakes are higher and it's a bigger issue. Smaller companies who may have less to lose or are not a primary target, are also looking for ways to manage the risk/reward. So a managed security service, for example, might be a good approach if they can't afford to buy the technology and the people to run it.
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- Agility & Scalability for Oracle EBS R12 and RAC on VMware vSphere 5
- This white paper outlines extensive performance and scalability testing of Oracle EBS applications on a Vblock™ Systems with vSphere 5.
- Oracle and VCE: The Next Step in Integrated Computing Platforms
- In this ESG Lab review you will learn how a VCE system driven by Oracle, delivers the perfect blend of high performance and...
- Migrate Oracle Apps from RISC/UNIX to Virtualized x86
- Ready to move Oracle to a virtualized environment? This brief explains how true converged infrastructure can help you migrate from a RISC/UNIX environment...
- Step Out of the Bull's-Eye
- Learn about the evolution of targeted attacks, the latest in security intelligence, and strategic steps to keep your business safe. All Government IT White Papers
- Keep Servers Up and Running and Attackers in the Dark An SSL/TLS handshake requires at least 10 times more processing power on a server than on the client. SSL renegotiation attacks can readily...
- On Demand: Mastering the Art of Mobile Content Management Mobile device usage in the enterprise has skyrocketed, and it continues to escalate. IT must answer to users who demand access to their...
- DevOps with PureApplication System: Reduce cost and speed delivery with an integrated IBM Cloud solution Join this webcast to hear what ING Netherlands has been able to achieve while deploying DevOps tools from IBM Rational. An ING executive...
- NSS Labs & Cisco Present: Evaluating Leading Breach Detection Systems Today's constantly evolving advanced malware and APTs can evade point-in-time defenses to penetrate networks. Security professionals must evolve their strategy in lockstep to...
- Will the Real Endpoint Threat Detection and Response Please Stand Up? This webinar explores new technologies & process for protecting endpoints from advanced attackers as well as the innovations that are pushing the envelope...
- All Government IT Webcasts