Q&A: RSA Security's Art Coviello - InformationWeek
IoT
IoT
News
News
1/27/2005
12:57 PM
50%
50%

Q&A: RSA Security's Art Coviello

The CEO of the largest vendor of computer security tokens gives his prognosis for what's going to matter in '05.

Two weeks before RSA Conference 2005, the largest security conference of the year, InformationWeek senior editor George V. Hulme spoke with Art Coviello, RSA Security Inc.'s president and CEO, about phishing, spyware, and other security concerns.

InformationWeek: What are the top trends for the coming year in information security?

Coviello: We're seeing emerging and more targeted threats that are far more troubling than generalized worm and virus attacks. One area is phishing attacks--these are continuing on a widespread basis. I also see more-sophisticated spyware attacks that don't just track where you've been on the Internet, but also capture your keystrokes and passwords. With this type of spyware, you don't have to fall for a phishing scam to have your identity stolen.

InformationWeek: What's the state of your partnership with Microsoft for your SecurID hardware (which creates a six-digit number that changes every minute)? Is that helping users log on to Windows more safely?

Coviello: Everyone wants to criticize Microsoft, so I always get a lot of pushback when I say this, but it's in Microsoft's firm interest to overcome these security issues. They're taking a multipronged approach to improve security. They're working to create this trusted-computing environment by making secure code in the first place. And they've substantially upgraded their patch process and the speed with which they fix security leaks. No one likes this situation, but we're stuck with it until later versions of software are released. The third prong of their strategy is by reaching out to vendors like us to add security value to their software. We can make the Microsoft log-on more secure by replacing it with the SecurID token.

InformationWeek: How well is the strategy of marketing your ClearTrust identity-management software to customers of your security tokens going?

Coviello: If you look at what an identity- and access-management system should contain, it's the ability to prove someone's identity and authorize those identities to do things, and to get access to resources, which is what ClearTrust does for Web applications. There's an understandable and natural fit between strong authentication- and identity-management software.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
How Enterprises Are Attacking the IT Security Enterprise
How Enterprises Are Attacking the IT Security Enterprise
To learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Register for InformationWeek Newsletters
White Papers
Current Issue
2017 State of the Cloud Report
As the use of public cloud becomes a given, IT leaders must navigate the transition and advocate for management tools or architectures that allow them to realize the benefits they seek. Download this report to explore the issues and how to best leverage the cloud moving forward.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 6, 2016. We'll be talking with the InformationWeek.com editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll