Gaining public trust in internet is key, says Symantec CEO

The need to create public confidence in using online services is the biggest security challenge facing businesses, John Thompson, CEO of Symantec Corporation, said yesterday.

The need to create public confidence in using online services is the biggest security challenge facing businesses, John Thompson, CEO of Symantec Corporation, said yesterday.

In a keynote speech at the RSA conference, Thompson said it was imperative for users and suppliers to work together to make e-commerce safer, if the benefits of the internet are to be realised.

“Confidence is essential if we want to realise the potential of this interactive world. The ability to collaborate online, to work remotely, has created a whole new set of business models. IT systems are not a frill. They are essential drivers of innovation and growth,” he said.

Thompson said it was vital for e-commerce to find ways of replicating the way trust works in the offline world, largely based on face-to-face contact online.

“How do we make sure when we are logging onto your bank that it is actually your bank, not a dummy site? How do we know that your confidential information that resides with your supplier is still with your supplier?” he said.

Although the security industry has done a good job protecting systems over the past few years, the number of threats is steadily increasing, said Thompson.

The majority of companies expected to experience at least one security incident a year. Spammers are using new technology to evade anti-spam filters, and consumers are being targeted with malware designed to extort money, he said.

But he said going back to doing business offline was not an economic option. New security models that focus on protecting information, and the person, rather than devices, would need to be developed.

“I don’t feel that consumers should feel they are running a risk by shopping online. I believe we can dramatically mitigate these risks,” he said.

Security suppliers and enterprises needed to develop ways of managing the identity of people online securely, he said.

“Consumers will demand that enterprises conform to a set of technologies and business practices. They will demand a level of security beyond what we normally expect,” he said.

Building confidence in the connected online world won’t be easy, said Thompson.

“It will take looking at security in context of the whole risk management strategy of your organisation,” he said.

In a thinly disguised attack on Microsoft, Thompson said businesses needed to work with a range of security suppliers, rather than trust their security to one organisation.

“You would not want the company building your operating system to also secure it from threats. It is a huge conflict of interest,” he said.


Read David Lacey’s security blog

Read Stuart King’s risk management blog

Comment on this article: [email protected]

Read more on IT risk management