In 
Worldwide Chief Technology Officer, McAfee Mike Feys focus at McAfees annual Focus12 conference at Las Vegas, has been around creating a safer world. In conversation with N Geetha, Fey emphasised the need to use multi-factor authentication tools to tie user identity to devices for greater protection
Which technologies under the information security framework will impact IT heads in the next 9 months?
With trends such as social media, cloud, big data and application explosion resulting inmajor security disruptions, I see some technologies which will make an impact in the next12 months, and which will help the industry get ready to meet the changing dynamics. Theseinclude:
BYOD-: In the next 12 months, BYOD will start becoming a reality. With predictionsthat there will be more users connecting to the Internet on a mobile device in the next year(compared to a more traditional desktop or laptop), together with the massive explosion inapplications, organisations will have to deal with mobility and BYOD in the enterprise or risktotal loss of control.
Authentication: Customers would have significant focus in Identity and Authenticationtools in the coming year. The reasons are varied. Internet users have come to understandthat passwords are not enough, and identity and authentication systems used today are toodifficult and possibly ineffective in dealing with todays issues. The next 12 months willsee massive adoption of multi-factor authentication processes and more solutions to tie youridentity to your device and information. There have been several threats to the intelligence asenterprise business models are changing.
Security Data and Analytics: SIEM is no longer a viable solution unless it provides the abilityfor real-time incident analysis, compliance and response, taking into consideration everydevice connecting and communication within an organisation. The requirement to bringtogether event, threat, and risk data with security intelligence will facilitate rapid incidentresponse and the ability to make real-time decisions based on the security posture of theorganisation and how to make better information decisions in protecting the organisationalinformation assets.
ePO Real-Time: ePolicy Orchestrator (ePO), the most advanced and scalable securitymanagement software will have its influence on customers. The sheer volume of threats andthe nature of hidden, stealthy malware that is designed to evade traditional protection countermeasures will require every organisation to have instant visibility across every device.Of critical importance will be the ability to query for data and make decisions on how toprotect the network, and then make relevant changes in real time, which is possible using thissoftware.
Elaborate on how McAfees technological innovations will transform the customer environment.
McAfee will provide the technology that enables a real time understanding and response tothe environment. There is an orchestrated approach to make our customer place safer thanbefore. It is critical to enable customers to see whats really happening in their environmentand respond to it. Most security is built on historical information such as event logs and alerttriggers. This will become antiquated in the long term.
We would provide a platform that allows customers to integrate McAfee and third partysolutions into a true integrated fabric allowing the solutions to operate in a manner thatcustomers require in meeting enterprise security standards. The systems will be able to shareinformation and learn from each other, enabling increased effectiveness and awareness to seereduction in cost or operation. We work closely with customers across verticals through ourcustomer advisory team to understand their long term plans and security needs and worksbackwards with the R&D team.
What are the products developed by McAfee along with customers as part of the co- innovation approach?
Everything we build is run through a rigorous customer guidance and validation effort. Amajor advantage McAfee has is a massive customer base and we use this to guide the bulk ofour major investments. In fact, our SIM solutions are developed from the feedback we receive from customers andwe evolved the risk based architecture based on the feedback we got.
Can you elaborate on your co-innovation strategy?
Our strategy is to understand the environment from all aspectstechnology, business, globalpolicy, and comprehend the customer challenges that we can address today and for thefuture; and create an open platform and "plumbing" infrastructure that accepts hundredsof other technologies and allows customers to connect to our automated detection, eventreporting, intelligence and remediation--all the while innovating around new areas that solvetomorrow's problems.
What is your plan of action for 2013 in securing your customer place?
In the next year, we are focused on delivering the Security Connected Platform whileenabling best in class network, Endpoint and management solutions. We would expand ourentire security portfolio and ensure every end user application is projected and will come upwith new form factors to protect new form factors.
What best security practices would you recommend for IT heads?
My team and I have written a book specifically to address this question called SecurityBattleground an Executive field manual. At the heart of the book is a concept we call the3Rs: Riches, Ruins and Regulations. What we propose is that IT managers or CISOs needto understand what it is youre protecting against, what will make an attacker rich, what willruin your company and what regulations you have to operate under. If you understand thisfrom a business perspective, you can begin to align your security underneath it.
With the Cloud invading the industry, what are the best security measures customers must take?
Cloud security is a huge topic when taking into consideration the different service types andarchitectures; for example, public, private, community and hybrid clouds. Then you needto consider Software-as-a-Service, Infrastructure-as-a-Service, and Platform-as-a-Servicearchitectures; all this before you take into consideration what data you are putting into thesecloud service types and architectures. Some key considerations for all deployments are:
When moving any data to the cloud, never think you can just hand over responsibility forsecurity and availability over to a cloud provider and forget about it. Like any other ITcomponent, cloud services must be managed and secured using policy, monitoring, andsecurity tools and services.
Before contracting with a cloud service provider, make sure your internal security is upto date first. Dont let your corporate network become the weakest link in the chain.Then make sure the cloud service you are selecting supports your internal securitypolicy standard and your service provider has full transparency to allow you to measurecompliance.
When first moving to the Cloud, consider using the cloud with low-risk, non-corefunctions until your organisation understands the security landscape, how to managethe provider, how to protect the data and how to move compliance from internal to theorganisation to include the service provider.
If you dont use cloud services, your employees will most likely do. Create a list of cloudservices that IT has investigated and deemed acceptable in terms of security.
Investigate cloud provider contracts and SLAs carefully. Dont accept the providersstandard contracts and SLAs, broker your own and use tools available from bodies likethe Cloud Security Alliance to allow you to select the best provider and SLAs for yourspecific requirement. Consider standard audits and certifications such as SAS 70 Type IIor ISO 27001
Make sure the provider allows your organisation to audit its security periodically as welland make sure all data is encrypted
There is a misconception that there are no standards in the Cloud, that it is difficult to assessthe security of cloud providers, compare offerings and securely leverage cloud offerings. Thebest practice or approach is to have a formal plan in place on how you will do security testingand compliance validation to remove security concerns as a barrier to any cloud project.
How does the customer need to get cloud ready?
Whenever preparing to use any cloud service, you need to be sure you understand whatinformation you will be putting into the Cloud. It is critically important you consider howthe data will be accessed, who will have access, how it will be secured and what the best wayis to protect your information. Once you know what data you want to move to the cloud, itsimportance and how it should be secured, you need to pick the best provider that meets yourspecific needs.
Many service providers differentiate themselves through the security services they provideand there are service providers with stronger security architectures than their customersthemselves can implement. When selecting a service provider, there are a significant numberof tools available; the Cloud Security Alliance, as an example, has made tools and bestpractices available to assess compliance and to help you ensure service providers complywith best practice objectives. A lot of misconceptions can be addressed leveraging bestpractices from bodies like the CSA.
Add new comment