With a background that started at computer store back in the 1990's, Symantec's COO Stephen Gillett has climbed the corporate ladder rapidly. After being spotted by the Chairman of the largest hospital chain in the Pacific northwest of the USA while working at Office Depot, he was appointed as the IT manager of a new hospital. After moving from that to his own start up, he became the CIO of Starbucks at the age of 31. He's now the COO of Symantec.
Over that time, Gillett has seen a huge shift in the way IT security is managed.
"Having grown up in IT, a lot of the security used to be that there was a perimeter and we had to defend it and we had a lot of investment going into edge devices. Once the bad guy, the bad actor, got in, it was kind of a scramble to deal with that," Gillett said.
Today's world is far more complex with threats coming from multiple angles.
"It used to be that people would hack in. A script kiddie would get online and get access to something. Then you have digital arms for organised crime that are going after identities. Now we have nation states, which are much bigger. They're not after monetary gain or notoriety. They have much more dark arts in mind. They're going after intellectual property and state secrets. You see the Snowden work being pulled into that".
At the same time the needs of users when it comes to security have changed. They no longer want to survive in a locked-down environment. They want ways to navigate that world so that their identity and information is protected no matter where they are in that world.
Gillett told us that Symantec took a new approach to looking at the market that they were operating in.
"Symantec took the approach of trying to better understand the entire environment that their customers operate within. One approach was to use an artist in meetings to illustrate the complex interactions customers had with their local applications, online services, mobile devices and other tools. What they discovered was far more complex environment than expected".
Customers were no longer looking at purely perimeter-based solutions. Instead, they wanted the benefits of all the new services and technology that are now available and management of security rather than simple blocking. And it's likely that a successful security strategy would not be a set of point solutions. It will take a more cohesive and coordinated multi-factorial response.
"It's not just BYOD anymore – it's BYO Everything. It used to be about trying to keep the bad guy out of that world. Now the bad guys are in that world with them. No one single defence is going to work. It's going to take an industry and ecosystem working together from the hardware level to the network to the end point to the application working together to orchestrate and end-to-end view to protect users".
One of the challenges faced by consumers, businesses and governments is that cyber criminals are very organised. Beyond simply having markets where zero-day threats, identities and other information is exchanged – for a fee – there are even defined career paths for professional malware developers and distributors.
"When I talk about thought leadership, it's not about 'here's our advanced APT discussion and it's better than yours', it's how do we collectively say that the way security is consumed and deployed is done in a way that creates a mesh network or a stronger framework for us to protect the things we need to protect".
For CISOs and CSOs – the path ahead will require planning for multiple threat vectors and working under the assumption that your systems will be compromised to some degree. That means having systems in place that protect the perimeter -that requirement is not going away – but also having systems and processes in place to deal with threats through the entire fabric of IT operations.
This article is brought to you by Enex TestLab, content directors for CSO Australia.
- Navigating the balancing act: how to support user privacy whilst maintaining control of corporate-owned data
- Gemalto says SIM cards secure after NSA, GCHQ hack report