Maksim Kabakou - Fotolia

VMware boss takes swipe at 'broken' security market

Pat Gelsinger has attacked a security market that appears to sell more products but still fail to protect users

The CEO of VMware has taken a swipe at the security industry arguing it is 'broken' in a cycle of selling more products but continuing to leave users open to threats.

Speaking at VMworld Europe, Pat Gelsinger used his CEO keynote to attack the status quo in the security world and share his determination to change it.

"Today security is broken. You are spending the largest portion and the largest growth of the IT budget in the industry today is security and the cost and the number of breaches is increasing more rapidly than security spend. Isn't that crazy, that I'm spending more and I'm losing more. How do you think of that investment?" he asked.

"We need less security products and much more security. What we see is that we need to turn the industry on its head and think about security in a fundamentally different way. Today we build infrastructure not knowing the applications that will run on it and we are then deploying applications into that environment and they are changing constantly and we are patching on these security products into it," he added.

He said that bolted on products that chased threats could not keep up and were not keeping users secure. The answer was intrinsic protection that was built into the products from the start.

His comments echo a similar broadside that he made against the security industry at VMworld last year, when the firm had just announced its AppDefense product.

One year later and Gelsinger said that it had learnt a lot about security and had set out to make sure that it was starting from a position of blocking problems rather than 'chasing bad' threats after they had hit the network and it would work with a dynamic environment through a combination of learning, locking out attacks and then adapting the defences.

"We are not chasing threats but radically reducing the attack surface and we are enabling a new model of security," he said.

 There are many in the security industry that would agree that users are struggling with too many products and there needs to be consolidation, but most have not gone as far as describing the current situation as 'broken'.

Read more on Data Protection Services