Reputational awareness is essential to stronger security. “Reputational awareness allows you to be more predictive in your analysis of what malware might mean in your environment,“ says John Bordwine, Symantec Public Sector CTO, whose team is currently focused on emerging technologies that afford the ability to automate compliance and security measurements mechanically. That focus is proving appealing to the federal government “”specifically, being able to track applications, software, and operating systems. Meanwhile, well-managed information is key, says Bordwine. “Manage the data and manage the information very well, not only from a security perspective but also from a general IT perspective and you will be able to add value and understand what your best practices should be.“
Based upon that approach, Bordwine“™s team is also focused on analytics. “We“™re looking at things like analytics on capabilities and metrics you can set to understand how that information is being used to give you a much better awareness of your list posture.“ The end result for agencies: the ability to build a model based upon trending information, and, ultimately, to foster a more predictive, rather than reactionary, environment.
Expanding data protection
Symantec Public Sector is also looking at expanding data protection “” that means not only looking at data protection from a content perspective but in a context environment as well. That requires asking some hard questions, says Bordwine: “How is the data being used? Who“™s really the owner of that information? Who else has access to that information, so that you can provide the information in an analytical view.“
Another area to stay vigilant is, of course, the cloud. It“™s seeing an increasing number of denial-of-service attacks, says Bordwine. “If we think our adversaries aren“™t looking at all the press around cloud computing and trying to figure out the best way into a cloud environment, then we“™re gravely mistaken,“ he says. The solution, he adds, is to maintain the basic building blocks around security and information “” specifically, confidentiality, availability, and integrity. “We have to have the same level of protection within any data center, whether it“™s sitting in a government agency building or it“™s something we“™ve outsourced to the cloud,“ says Bordwine.
Thwarting attacks: What“™s ahead
As Bordwine sees it, much has been accomplished, but there“™s still more left to do. “We have lots of signatures for different types of malware, but there is more to capture,“ he says. “We“™re capturing more and more every day “” it has grown exponentially over the last few years,“ he adds. In terms of remaining vigilant, Bordwine advises: “Know how to use information. Be able to pull the details around malwares, attack structures, and who actually is potentially provocating these attack structures.“ Answering those questions is all part of the “big picture“ security goal: being more predictive than reactive.
UP CLOSE: Symantec Public Sector CTO John Bordwine
Favorite website: IWS ““ The Information Warfare Site, an online resource that tackles issues related to information security, information operations, computer network operations, and homeland security.
Favorite tech gadget: Motion-sensing camera “” great, says Bordwine, for wildlife watching during West Virginia weekend getaways with his wife.
Hobbies: Building furniture. “It“™s one of those things that takes me out of the technology area for awhile,“ he says.