While there have been terrific advances in the state of technology around heuristics, behavior blocking, and things like that, technology is only a part of the approach to solving the problem with the more important aspect involving putting the right process in place.— John W. Thompson
The most pleasurable John W. Thompson quotes that are proven to give you inner joy
First, our focus on security is on the infrastructure itself.
So it is all about how you protect the network, the device, and the application that is riding on the server.
We need to shift the paradigm from reactive technologies to more integrative solutions that deal with the variety and complexity of the threats that are out there today.
What we are seeing now is customers shifting their attention from security products like firewalls and intrusion sensors, to the policies that need to be in place, and the technologies that help them enforce policy compliance.
So you will see us continue to advance the state of the art or take information that we have in our response data bases and have that drive automation or an automated response by some of our products.
We think the managed security services opportunity is enormous and so we have been an active participant and probably the largest firm in this space outside of an IBM or EDS, which does large outsourcing contracts.
But what Web services suggest is that the connection is always there between an application that is resident somewhere in the cloud, and a user who is somewhere on the other end of a connection.
If you accept that security is a process, and if you can eliminate the human interaction or intervention in that process by automating more, that is a good thing.
First, I do not think there is any silver bullet to solving the technology side of the security equation.
The U.S. and Israel probably lead the way in terms of venture investment in technologies companies focused on the security paradigm. That is quite encouraging.
I don't think there is any franchise more powerful than ours around securing the consumer experience and we will not concede that to anyone including Microsoft.
Well we have a good working relationship with Microsoft at the development level. But let's not kid ourselves, this is a company with enormous resources and talented people, and there is a certain pride that comes along with that for them and for us.
So ensuring the integrity of the data and integrity and validity of the connection is a very important element in any company's strategy that is moving towards a Web service paradigm.
Over the near term there is clearly the opportunity to work with Microsoft to do to a better job of creating a more secure Windows experience for users around the world.
Well Web services are nothing more than a way for users to interact with applications.
One of the things that has been truly incredible to observe though, is the amount of venture investment that has gone into early stage security technology.
Second issue is the rapidly accelerating increase in the number of vulnerabilities that get discovered every day. And, equally importantly, is the shortening of time between the discovery of the vulnerability and the release of an exploit.
There has been no appreciable improvement in our country's ability to produce the kind of talent we need in this space. There have been some small initiatives around the country that have been noteworthy.