Cyberthreats Outpace Security Measures, Says McAfee CEO - InformationWeek
02:23 PM

Cyberthreats Outpace Security Measures, Says McAfee CEO

McAfee CEO David DeWalt says cybercrime has become a $105 billion business that now surpasses the value of the illegal drug trade worldwide.

Second, the increase in cyberthreats has fueled a rapid growth in compliance requirements as the federal government tries to mandate higher levels of security and protection of sensitive consumer and patient data. "There's a lot of legislation around industries forcing them to comply with various standards for customer protection," said DeWalt, including payment-card industry regulations, Sarbanes-Oxley reporting requirements for public companies, and the 1996 Health Insurance Portability and Accountability Act.

In fact, along with many corporate executives in the United States, DeWalt believes that "the pendulum has swung too far" toward increased government oversight of corporations and the customer data they control, causing American companies to lose their competitive edge to businesses in other countries with less-stringent compliance requirements, particularly in Asia.

The third important trend is the movement of security protection from the perimeter of corporate networks toward the data layer itself: "Traditional security has always been concentrated on the perimiter, on endpoint devices, particularly with firewalls," DeWalt noted. "The focus now is on thinking about data-oriented security" by classifying certain types of data so that it cannot leave the corporate network or company-owned devices.

That is especially important because some 70% of all data losses are caused by insiders of one sort or another.

Fourth, companies are facing new challenges as server virtualization spreads across many industries and many types of industries. "Virtualization is an amazing juggernaut in terms of security risk," said DeWalt, listing noncompliant virtual machines, VM-aware threats that can subvert countermeasures, the propagation of infected virtualization images, and "hyperjacking," or the potential for a single breach to offer simultaneouos access to many machines across a virtualized environment as some of the emerging risks.

"Managing and protecting a single physical endpoint is much different than managing security virtually," DeWalt said.

Finally, the emergence of new platforms and devices presents cybercriminals with new targets for hacks and phishing scams. Mobile devices such as smartphones and voice-over-IP systems are inherently more vulnerable than traditional clients and telephony services.

McAfee and its competitors are bringing out new products and technology to deal with these emerging threats, said DeWalt, but the advantage for the moment still lies with the evildoers in cyberspace. He concluded, "We're in inning two of a nine-inning game here."

2 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of November 6, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll