Friday | 10 July, 2009
CSO
What spooks Microsoft's chief security advisor
Application exploits, virtualization security are big concerns
Bob Brown (Network World) 27/03/2008 11:12:24
Page:

Microsoft also gets a read on security issues by holding CSO and CIO summits (Arsenault is executive host for the company's annual CSO Summit, at which 300 top CSOs, mostly from the United States, partake). Microsoft compares data from the two groups to determine whether security concerns are being taken seriously by CIOs.

In Microsoft's latest survey of CSOs, it found that protection is the top security issue (62 per cent), followed by identity/access management (57 per cent) and compliance (44 per cent and falling in the rankings, a finding consistent among CIOs as well). Secure messaging/collaboration is among issues on the rise, as is application architecture ("The biggest question there is how far back you go in your code base," Arsenault added). Patch management ranked 6th on this list, with 29 per cent citing it, though Arsenault says this topic ranked first about years ago.

Arsenault also spent a chunk of his talk discussing why Microsoft makes the security investment and partnership and technology decisions it does, and steps Microsoft has taken internally to shore up its security and protect its own intellectual property and systems. He noted that decisions, such as what security products to include in an operating system, aren't always up to Microsoft given certain regulatory restrictions. Others, such as how to integrate security and management products, are also complex. He also discussed the requirement to weigh the needs of enterprises, small businesses and consumers, noting that security at the consumer level can have a big impact on enterprise security.

Arsenault isn't your typical Microsoft speaker. He prefaced his talk by noting that he has spent his entire career at the company outside of the profit and loss side of things and doesn't really care whether you buy Microsoft Forefront security products or technology from someone else (he even fessed up to using Quicken rather than MSN Money). "I have a vested interest in reducing security risk in the overall environment so we don't slow down the computing stuff that's been going on or what you're doing over the Internet."

Page:
More about Quicken, PLUS, Corel, MSN, Microsoft, Adobe, Google, Red Hat, Toyota, Apple

Comments

Post new comment

Login or register to link comments to your user profile, or you may also post a comment without being logged in.
The content of this field is kept private and will not be shown publicly.
Enter the fully qualified URL, eg. http://www.example.com/
  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd>
  • Lines and paragraphs break automatically.

More information about formatting options

Add to Google
Additional Resources
Newsletter Subscription
Sign up for our CSO Online newsletters!
RSS Feeds
Syndicate content
 
Get a job Careerone
Whitepaper


Read Whitepaper

Extensible Threat Management

Unified threat management (UTM) spawned a new era of IT security. The promise of these integrated security appliances proved to be an exceptional and efficient way of securing commercial networks. However, businesses today face an inflection point, dictated by changing market trends and new technologies that demand more of today’s UTM. Hence the need is for eXtensible threat management (XTM) solutions, the next generation of UTM appliances.

Sponsored Links