But with the increasing automation of software patching, they began
turning their attention to finding flaws in desktop applications. Meanwhile, viruses got smarter, and phishing continued on its upswing.One person whose business gives him a bird's-eye view of the terrain is Gil Shwed, chief executive of Check Point Software Technologies, based in both Israel and California. ZDNet UK sister site CNET News.com spoke with Shwed about the changing face of software security.
Q: When we last spoke,
one of the things you mentioned was that individual behaviour needs to
be modified when it comes to security because individuals are the point
of access. Has the situation improved substantially from a year ago?
A: I think there's still a long road ahead of us. We haven't
seen massive worm attacks yet, but in recent months, we saw some worms
that were pretty scary. They didn't cause huge damage, so maybe the
infrastructure is faster to react — because of firewalls or antivirus
software or things like that.
Does that mean that companies are getting more serious or that they're just lucky?
There still are many companies that run outdated security systems. They
don't realise that keeping an up-to-date system is critical.
As you've watched the development of spam and phishing, do you think these are becoming more manageable problems?
Out of all email traffic, spam is still between 40 percent to 50
percent of the total — which is horrible. More needs to be done, but
it's manageable. I mean, 99 percent of it gets blocked by the antispam
software. Phishing is a more challenging problem because there's also
the challenge involved with people, not just technology.
You mean their behaviour?
Yes. You can always find ways to fool people.
The even worse news is that they're getting smarter. Some of the
early phishing email was obvious, and you knew it was a hoax. But
increasingly, it looks genuine.
That's true, but remember that the big hackers of the early Internet,
like Kevin Mitnick, got through because of social engineering. It
wasn't because of the sophistication or lack of sophistication of the
IT infrastructure.
So what do you see, then, as the big security issue for 2006?
Companies need to build a security architecture that is ready for the
unknown, not one that is ready for yesterday's threat. It may be that
yesterday's threat will be back again, but it's more likely that it
will be something different. What the threat of tomorrow will be, I
don't know.
Even if it's not blocking them, it has to act quickly and react quickly. That's why we believe that software is a solution; that's what software is for — it's flexible. We say our next stage is universal updatability, so you keep up and run the new services that we have.
Let's talk a little about the situation in Israel. Has the
departure of Benjamin Netanyahu as finance minister been affecting
Israel's high-tech landscape? He had support from the establishment for
some of the things he did.
I don't think it's going to make much of a difference. I'm not trying
to make any political statements, but I think that as the minister of
finance, he did well. He promoted opening the economy to privatisation,
and there was generally...
For more, click here...
