Gene Hodges

Welcome Guest | |

| | | | | | | | | | |

Interview > security > Gene Hodges

“Do not try to boil the ocean, focus only on essential information”

With security concerns reaching a new level, and many organizations being the target of huge volumes of spam, phishing, and malware attacks, it is imperative for an organization today to define security from a holistic perspective. In an interesting conversation with Srikanth RP, Gene Hodges, CEO, Websense, shares his perspective on how the focus of enterprises must remain on protecting information, despite the changing nature of attacks.

A rise in zero day attacks, website vulnerabilities and the absence of a defined perimeter has forced enterprises to rethink or reevaluate their security mechanisms. How do you think a CIO can ensure an appropriate defense mechanism?
Despite the scale, depth, and the medium of attacks, the focus of any organization must be essentially on information. The defense mechanism must hence be based on protecting information and be clearly defined as a policy. The policy itself must be drafted in consultation with the board or the senior management and state clearly the importance of each type of information and the financial or reputation value associated with the information. This makes it extremely important to classify data and identify what kind of information can be downloaded from the web and what kind of information can and cannot go out from the organization. For any organization, apart from monitoring attacks coming from external URLs, the real focus must be on maintaining the integrity of essential information such as proprietary processes and intellectual property. This data or information must be protected irrespective of the device it is accessed from or the medium or network through which it is transmitted. So, in summary, organizations must focus on the essentials and not try to boil the ocean of information that is available across the enterprise.

Social networking tools have presented new security challenges for enterprises. How serious is the danger and does technology have an answer?
With social networking websites such as Facebook updated every 0.4 microseconds, it is extremely challenging for any enterprise tool to identify in real-time, if user-generated content has a problem. Our research shows that more than 90 percent of all web posts on blogs, forums and other sites are unwanted content such as spam and malicious content. Further, more than 70 percent of all web spam and unwanted content is hosted on legitimate sites that allow user-generated content. For example, popular presidential social networking website http://my.barackobama.com hosted links to malicious content within its user generated blogs. That said, technology too has evolved to effectively handle this menace. For example, Websense’s ThreatSeeker Network gives customers the ability to identify and classify spam posted as comments to forums, blogs or social networking sites. Comment traffic is automatically routed through a spam filtering service and every comment can be analyzed and given a ‘spam’ score. This improves the ability of enterprises to tackle spam on their blogs.

Security analysts believe that insiders, who have privileged access to information, pose the greatest threat to steal information than probably the outside attacker. Can current technology prevent information leaks?
While technology has evolved to tackle blog comment spam, it is imperative that organizations have a clear information classification policy on what kind of information can be shared and distributed, including who has access to this data. If organizations classify information based on metadata, it is relatively simple to prevent misuse of data. For example, our data loss prevention solution gives organizations the capability to recognize information according to different categories. This could be credit card information, customer databases or information related to a company’s quarterly earnings press release. So, while it may be perfectly fine to send the quarterly press release to your company secretary, the same release if mailed to an external source or shared via chat must trigger off an alarm. This has great potential for usage among companies such as those in the IT industry that base their competitive ability on their intellectual property.