Security threats Toolkit

Businesses told to boost security

Tags:
John Thompson,
Security,
RSA Conference

Dawn Kawamoto CNET News

Published: 07 Feb 2007 09:00 GMT

In a world where customers, suppliers and partners all tap into corporate networks, businesses must provide a secure environment for all of them, Symantec's chief executive urged on Tuesday.

John Thompson said that companies need to take responsibility for maintaining customer confidence, especially as people and businesses become increasingly connected via devices such as mobile phones and handheld computers.

What used to be clear lines separating enterprises and consumers have now become blurred

John Thompson, chief executive, Symantec

"What used to be clear lines separating enterprises and consumers have now become blurred, as networks are extended to not only suppliers and partners, but also to customers," Thompson said during a keynote speech at the RSA Conference 2007 in San Francisco.

He acknowledged that this approach has not been common, despite increases in malicious software and other security breaches. "Accepting responsibility for the security of a device accessing your network, when it's not owned or managed by you, is a radically new concept in our world," Thompson said.

But he urged vendors to take that step in enabling companies to deliver a secure experience to end users, which include customers, partners and suppliers.

"Those that embrace this approach will not only reduce their risks, but, I believe, they will also create a competitive advantage for their companies," he said.

Confidence in the connected world will only come about if information, the infrastructure and interactions are secure and protected, Thompson predicted.

As a result, the role of a business' security officer needs to evolve into one that focuses on IT risk management, he advised. This new role would call for identifying, measuring and developing strategies to weigh IT risks and returns.

The IT risk manager, for example, would examine stumbling blocks to the availability of data, regulatory compliance and overall business performance, Thompson said.

The Symantec chief executive outlined technologies and challenges companies may need to consider to bolster their IT risk management and reduce customers' concerns over security issues.

He called on enterprises to introduce identity management systems and extend them to customers, partners and vendors that they do business with. "There is no doubt in my mind that managing user identities is the most pressing challenge facing the industry today," Thompson said.

An approach that focuses on the user, rather than on the technology, is what is called for, he added. "After all, the goal is to protect the user — regardless of the device they use, online transaction they undertake, or threat they may face," Thompson said.