- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - Being in IT security is more than a full-time job for William Boni. As Motorola's vice president and chief information security officer, Boni oversees security for a global network supporting some 100,000 end users. He also recently helped form an IT security consortium with counterparts from other companies and last week gave a keynote address at the InfoSec World conference in Orlando. Somewhere in between all this, Boni spoke with Network World Senior Editor Ellen Messmer.
How would you describe the level of importance Motorola gives to IT security these days?
Motorola, like most other large, sophisticated global organizations, has become increasingly dependent on the running of its IT infrastructure, applications and technologies to support the success of its business strategy and operations.
In parallel to that increased recognition, you have increasingly visible and apparent risks and threats to that infrastructure and those operations and capabilities. It's not just a matter of Sept. 11. We had a whole series of denial-of-service attacks in the spring of 2000; there has been the seemingly endless series of worms, viruses and other types of events.
Management has sought to obtain higher levels of assurance by giving this role executive-level status and accountabilities.
What sorts of security projects can you tell me about that are going on within Motorola?
Motorola is a major producer of intellectual property, proprietary-sensitive information, new product designs, trade-secret and patentable information across a number of industry segments. The challenge in developing new products and solutions is that it requires extensive use of digital technology to design, describe and bring them into production and distribution.
A common business practice is reverse-engineering, looking at ideas and seeing how it compares against the individual company's product. The concern is to make sure we don't have premature leakage of key forms of digital intellectual property. There are a number of different technologies from both mainstream leading vendors and start-ups that I am interested in looking at.
What's been your experience with intrusion-detection systems?
Detecting something is always less desirable than actually preventing things in the first place. We got into the IDS technology fairly early and found, like everybody else, the existing tools and technologies suffer from creating a huge overload of false positives.
But we did make the effort to create the capability to allow us to do analysis and basic correlation and assessment - and have found even the detection tool to be a very useful adjunct in our efforts to manage the consequence of events whenever they do happen inside our network. We're typically wading through 20 to 30 million events per month to find the dozen or so that require an appropriate response.
Have you started using intrusion-prevention systems?
We're in the process of upgrading our existing technologies to be more preventive and retain the ability to detect and respond to things. We're keeping our eye on the new technologies as they come out. There are some promising new vendors [which he declined to name].