- Nokia's new N97 vs. the iPhone
- 10 Microsoft research projects
- Hard to get justice in MySpace case
- Smartphone smackdown: Storm vs. iPhone
- Apple removes antivirus support page
Security managers have to keep their cool and clearly communicate with CIOs during a crisis affecting company networks, a top security official with Microsoft said Wednesday.
Otherwise, trying to educate CIOs in a panic mode will complicate how an attack is countered, said Greg Galford, Microsoft security architect, who gave a presentation at the EuSecWest 2007 security conference in London on Thursday.
Galford was a technical lead during a massive attack on Microsoft's network in 2000 that prompted the company to make many changes to its networks and its response approach. He now works with Microsoft's Security Response Center, which handles new vulnerabilities and exploits affecting the company's software.
The hacking attack in 2000 wasn't a huge surprise, since Microsoft was using much of its own newly developed software that had security faults, Galford said. At the time, the company wasn't nearly as vigilant as it is now about security, he said.
Microsoft had a huge web of insecure connections leading to its corporate network, including employees who worked from home and connections security officials were unaware even existed, Galford said.
The company also mistakenly made public much information on how its own corporate networks were constructed, which likely aided hackers. One network engineer had even made most of the information on his hard drive available over the Internet, he said.
"We shot ourselves in the foot," Galford said.
During its response, Microsoft learned hard lessons in how to communicate developments up the chain of command. Technical people have to be separated from management. CIOs need to be told regularly when they will be briefed again after receiving an update, Galford said.
"We had executives coming down to the offices of people that were doing the actual technical work," Galford said.
Ideally, management should be briefed before a crisis, so they know how the response will proceed, Galford said. Also, security managers need to know how to communicate in nontechnical terms for CIOs who may not have the same background, he said.
CIOs "are always worried about what's going on," Galford said.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment