IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Q&A: George Kurtz, CTO, McAfee

We met with the chief technology officer (CTO) of McAfee, the largest dedicated security vendor, to discuss the growing information security threats facing business, and how IT professionals can respond.

If you think about the consumerisation of IT, IT departments can no longer say no. If you have an iPad, an iPhone, or an Android [device] and want to bring it in, you will do it. What we've found is the IT departments that say no, people will still bring the devices in and people will start forwarding their work mail to their personal accounts, and read it there.

We have to embrace consumerisation as these devices are more powerful than some enterprise devices. So the question is how do you secure them and how do you enable them? We are focusing on being able to manage and provide security policies on all these devices, whether it's an iPhone, a slate or Windows Mobile. We bought Trust Digital to help organisations to manage these devices.

All IT budgets are under pressure. How do chief information security officers defend their corner, and ensure that if they do make cuts, it doesn't create new vulnerabilities?

One of the most important things is having meaningful metrics. That is lacking in the security world. There is really no way to see how company A compares to company B, in security terms, and in terms of how much money they are spending.

What we see is fairly useless metrics how many hits on our IDS how many viruses. From a CSO's perspective they need to be able to put real metrics into to business terms. Putting it into business terms allows you to articulate the value. This is the security paradox: the more nothing happens, the more secure you are.

You need metrics that can show how you reduced risk and support the business. They can't put it in terms that a business person doesn't understand: viruses, registry entries and all kinds of gobbledygook.

A business person cares about time, money, and not going to jail because of a regulatory requirement.

If chief security officers can put it in those terms they have a much better chance of being able to pursue their agenda, and reduce risk from a business perspective.

Featured Resources

The Total Economic Impact™ Of Turbonomic Application Resource Management for IBM Cloud® Paks

Business benefits and cost savings enabled by IBM Turbonomic Application Resource Management

Free Download

The Total Economic Impact™ of IBM Watson Assistant

Cost savings and business benefits enabled by Watson Assistant

Free Download

The field guide to application modernisation

Moving forward with your enterprise application portfolio

Free Download

AI for customer service

Discover the industry-leading AI platform that customers and employees want to use

Free Download

Recommended

McAfee and Visa offer 50% off antivirus subscriptions for small businesses
cyber security

McAfee and Visa offer 50% off antivirus subscriptions for small businesses

25 Jul 2022
McAfee Total Protection review: Expensive at full price
antivirus

McAfee Total Protection review: Expensive at full price

2 Nov 2021

Most Popular

Apple patches 'superpower' zero-days affecting iPhones, iPads, and Macs
zero-day exploit

Apple patches 'superpower' zero-days affecting iPhones, iPads, and Macs

18 Aug 2022
Why convenience is the biggest threat to your security
Sponsored

Why convenience is the biggest threat to your security

8 Aug 2022
Google is now spending a staggering amount on blockchain
Business strategy

Google is now spending a staggering amount on blockchain

17 Aug 2022