CIOs and their managers are simply being inundated. They’re being inundated with information about what’s happening on their network. They’re being inundated with a flood of vulnerabilities and the patches needed to fix them. They’re inundated with trying to learn a new language — business speak. And with so much work and stress flooding in, […]
CIOs and their managers are simply being inundated.
They’re being inundated with information about what’s happening on their network. They’re being inundated with a flood of vulnerabilities and the patches needed to fix them. They’re inundated with trying to learn a new language — business speak. And with so much work and stress flooding in, it’s easy for an IT manager to get lost in the technical fog of war.
Linda McCarthy, the executive security advisor in Symantec Corp.’s Office of the CTO, says it’s a tough time to be a CIO, a network administrator or a security administrator. The founder and former president of Network Defense and the once manager of Security R&D at Sun Microsystems, Inc., McCarthy has just authored the book, ‘IT Security: Risking the Corporation’.
Here, she talks to eSecurityPlanet about the challenges facing IT managers.
Q: How are network security needs changing?
One of the biggest problems right now is that there is so much data. How do you collect that data and look at it and make sense of it? There are firewall logs, system logs, IDS logs. There’s so much data that you need good correlation and reporting mechanisms. It’s really, really important for companies to deal with.
Q: How well are companies dealing with the flood of security-related information?
They’re just realizing now that they need to do something about it. A couple years ago if you asked executives if they knew what an IDS was, they wouldn’t have known. Now they know it’s intrusion detection. Now we’re at the point where the technology is there. They just have to figure out how to deal with the data.
Q: What other obstacles are IT managers facing?
Another thing is understanding the different threats on the horizon. It’s all about understanding what threats are out there and what you need to protect your company from them… They don’t know what’s coming. It’s a big problem.
Q: Do you think all of the media attention on worms and teenage hackers sidetracks IT managers from the bigger picture?
I wouldn’t say they get sidetracked. It helps to raise visibility [about security issues] in the company at a high level. It sometimes helps to create awareness.
Q: Do you think IT managers are being heard at the executive level?
There’s a problem with the way people present information to the executive management. It’s not really clear. This technical information is not being simplified. From a systems level, it’s very difficult to uplevel that to an executive. You give them complicated information and too much of it. They’re not going to get it. They don’t have time to think about it, so they end up not understanding the threat.
Q: Is this IT’s fault? Are IT managers learning how to communicate with the business suits?
I wouldn’t want to pin it on IT. The information is complicated. Once it’s simplified at a systems level, it’s easier to communicate at a higher level. It’s not really a skill for a lot of people at an IT level, and especially not at a systems administration level. Companies that really know how to communicate security at a business level and can simplify technical information, they’re the ones who get money for their security efforts — and they have better security.
Q: Millions of companies are being hit with worms and viruses that could have been stopped in their tracks if the IT department had simply installed the necessary patches. But there are so many vulnerabilities popping up and so many patches to install, how can IT departments handle the deluge?
It’s not a simple solution or everybody would have all the patches installed today. The idea of keeping up with all the vulnerabilities relevant to your company and having the staff to install those patches is pretty overwhelming. You need patch management software that works on a large distributed network. Sometimes it’s a catch-22. There may be patch management software but somebody doesn’t have funding for it. Or they think they can have the systems administrators update the patches because that’s their job. It’s not that simple of a problem to solve.
Q: Is wireless technology throwing another wrench in enterprise security efforts?
Business doesn’t wait for security. Technology gets deployed because the business needs to run. Usually what happens is that businesses deploy technology before security is strong enough, and a lot of times that forces the solution… Definitely. I worry about it. I got a call today from somebody running a business that has deployed wireless technology and they don’t have a clue about it. They were already broken into and they don’t even know how it happened. If you deploy wireless without thinking about security, there’s a good chance that’s going to be a problem.
Huawei’s AI Update: Things Are Moving Faster Than We Think
FEATURE | By Rob Enderle,
December 04, 2020
Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 18, 2020
Key Trends in Chatbots and RPA
FEATURE | By Guest Author,
November 10, 2020
FEATURE | By Samuel Greengard,
November 05, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
November 02, 2020
How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 29, 2020
Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
October 23, 2020
The Super Moderator, or How IBM Project Debater Could Save Social Media
FEATURE | By Rob Enderle,
October 16, 2020
FEATURE | By Cynthia Harvey,
October 07, 2020
ARTIFICIAL INTELLIGENCE | By Guest Author,
October 05, 2020
CIOs Discuss the Promise of AI and Data Science
FEATURE | By Guest Author,
September 25, 2020
Microsoft Is Building An AI Product That Could Predict The Future
FEATURE | By Rob Enderle,
September 25, 2020
Top 10 Machine Learning Companies 2020
FEATURE | By Cynthia Harvey,
September 22, 2020
NVIDIA and ARM: Massively Changing The AI Landscape
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
September 18, 2020
Continuous Intelligence: Expert Discussion [Video and Podcast]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 14, 2020
Artificial Intelligence: Governance and Ethics [Video]
ARTIFICIAL INTELLIGENCE | By James Maguire,
September 13, 2020
IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI
FEATURE | By Rob Enderle,
September 11, 2020
Artificial Intelligence: Perception vs. Reality
FEATURE | By James Maguire,
September 09, 2020
Anticipating The Coming Wave Of AI Enhanced PCs
FEATURE | By Rob Enderle,
September 05, 2020
The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort
ARTIFICIAL INTELLIGENCE | By Rob Enderle,
August 14, 2020
Sharon Gaudin is a veteran technology journalist who has worked for the likes of Computerworld, InformationWeek, and Datamation. She has covered everything from the cloud, security, and social networking to software development, robotics, artificial intelligence, and hardware.
Datamation is the leading industry resource for B2B data professionals and technology buyers. Datamation's focus is on providing insight into the latest trends and innovation in AI, data security, big data, and more, along with in-depth product recommendations and comparisons. More than 1.7M users gain insight and guidance from Datamation every year.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
