Q&A: George Kurtz, CTO, McAfee

We met with the chief technology officer (CTO) of McAfee, the largest dedicated security vendor, to discuss the growing information security threats facing business, and how IT professionals can respond.

That's the best part about it. If you look at social networking and Web 2.0 whether it's LinkedIn, Twitter, blogs or Facebook you can gather all this information. It's network reconnaissance and network footprinting putting a picture together of a company you are attacking.

But now they are taking it to a new level which is [to] understand the social interactions companies have, who does what and who talks to whom. Once we understand that we can target it, and then drive into the technology level. If you look at people's blog posts or LinkedIn you have a pretty good understanding of the technologies they have in use and who does what for a company. It is pretty easy to map out who does what for any of the larger companies.

So is it stretching the point to say that whenever someone in your business uses a social networking site or communicates via a blog it provides just that little bit more intelligence to the bad guys?

Everyone has an online persona now. If you are online in some fashion you have an online persona. You don't just get online but have the equivalent of a financial track record in the IT world. Your reputation is being built over time.

Advertisement - Article continues below

Given that we can't roll back or un-invent social networks and businesses find these tools extremely valuable how do we give organisations greater levels of protection? What practical steps can they take?

The biggest challenge we face is the social and human aspect. Whatever you put out there you need to be aware, it's like putting it on a postcard. If you put details about your social life or family online, that can be used in some fashion. The average consumer and the Generation X person is putting all that information out there, but you have to refine your [online] persona.

People have to understand that their information is out there, and we have to mitigate that loss of privacy and put in other controls on how that data is used.

Featured Resources

The essential guide to cloud-based backup and disaster recovery

Support business continuity by building a holistic emergency plan

Download now

Trends in modern data protection

A comprehensive view of the data protection landscape

Download now

How do vulnerabilities get into software?

90% of security incidents result from exploits against defects in software

Download now

Delivering the future of work - now

The CIO’s guide to building the unified digital workspace for today’s hybrid and multi-cloud strategies.

Download now

Most Popular

Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Amazon Web Services (AWS)

What to expect from AWS Re:Invent 2019

29 Nov 2019

Raspberry Pi 4 owners complain of broken Wi-Fi when using HDMI

29 Nov 2019
Google Android

Samsung Galaxy A90 5G review: Simply the best value 5G phone

22 Nov 2019