The future of data security: An interview with Dell Fellow Tim Brown

Thank You GetVoIP!!

By G C Network | April 25, 2014

Thank you for the honor of being named a “Top 100 Cloud Professionals to Follow on G+”! Congratulations also to my 99 colleagues.  Read more at: ↑ Grab this Headline…

Facilitators Announced For NGA Agile Cloud Brainstorming Event

By G C Network | April 14, 2014

The Information Technology Acquisition Advisory Council (ITAAC) and the Telecommunications Industry Association (TIA) are announcing a slate of innovative leaders to serve as facilitators for the upcoming  “Agile Sourcing Environment…

MBO Partners Spotlights GovCloud Founder Kevin L. Jackson

By G C Network | April 6, 2014

Associate Spotlight Interview with Kevin L. JacksonMBO Associate Since 10/2013 1)    Tell us a little bit about what you do.I am the CEO and founder of GovCloud Network, LLC. In…

ITAAC/ICH and TIA To Host Commercial Cloud Sourcing Brainstorming Session for NGA

By G C Network | April 1, 2014

The Information Technology Acquisition Advisory Council (ITAAC) and Telecommunications Industry Association (TIA) are honored to team with NGA in hosting the first “Agile Sourcing Environment for Commercial Cloud” brainstorming session,…

Author and Tech Strategist Melvin Greer Profiled by WashingtonExec

By G C Network | March 17, 2014

Congratulations to my NCOIC colleague and dear friend Melvin Greer on his impressive WashingtonExec interview. A senior fellow and chief strategist at Lockheed Martin, Mel has more than 29 years’…

IT Risk Management Summit – March 26, 2013 – Reston, VA

By G C Network | March 12, 2014

In response to growing demand for formal software risk and quality management tools, the nations’ most respected standards bodies and IT communities of practice have joined forces to advance the…

PerspecSys Survey Reveals Cloud-based Security Concerns for 2014

By G C Network | March 10, 2014

Today PerspecSys announced the results of a survey conducted at the 2014 RSA Conference concerning the attitudes and policies of organizations towards cloud-based security. After polling 130 security professionals on…

NCOIC Debuts Roadmap for Designing, Managing Cyber-secure Hybrid Computing Environment

By G C Network | March 5, 2014

Open process by the Network Centric Operations Industry Consortium uses cloud infrastructure to cut computing costs in half and enable collaboration by different systems and users WASHINGTON—March 5, 2014—The Network…

Why State & Local Governments Should be Prepared for Cloud

By G C Network | February 17, 2014

You are invited to attend the Cloud Webinar Series: Why State & Local Governments Should be Prepared for Cloud. This educational webinar is brought to you by RISC Networks, and…

IBM Hybrid Cloud Debate: Experts debate: Are Hybrid Clouds the End All Be All?

By G C Network | February 12, 2014

A hybrid cloud may become the solution as the debate between public vs private cloud becomes so 2013. The industry’s experts will debate on when the hybrid clouds are and…

The Dell Fellows program recognizes engineers for their outstanding and sustained technical achievements, engineering contributions and advancement of the industry. They are also seen as top innovators that have distinguished themselves through ingenuity, intellectual curiosity and inventiveness in the delivery of technology solutions. For these reasons and more, I couldn’t pass up the opportunity to speak with Timothy G. Brown, Executive Director Security and Dell Fellow. During our broad-ranging discussion, Tim shared with me his exciting view of security in the not too distant future.

Kevin Jackson: Tim, I am very pleased to meet with you today. Thank you for taking the time.

Tim Brown: No problem Kevin, The pleasure is all mine.

Jackson: Before we look into your crystal ball, would you please explain your role at Dell?

Brown: Sure. I’m a Dell Fellow, one of eight Fellows across the company. We focus on looking at the future of technology and how we can innovate to make Dell better. My primary focus is on Dell security solutions.

Jackson: What has changed in the cybersecurity marketplace over the past 12 months?

Brown: There are many changes going on in the marketplace. Not only are the adversaries changing, but products and solutions for protecting enterprises are also changing quickly. In security, change is driven by those forces looking to gain access to our customer’s data and information. That adversary is getting more focused, delivering more crimeware, perpetrating more targeted attacks and testing new criminal business models.

Jackson: Do these so-called adversaries operate as a business?

Brown: They absolutely do. These groups are running multi-billion dollar businesses with a main goal of keeping that money flowing. They continually make investments in finding new models. The
cash flow from one of their current models, stealing credit cards and associated information, is now weening off due to effective actions across the credit card industry. Today’s alternative payment models are making it much harder to turn credit cards into cash. This is why we now see things like ransomware. That is a harder type of attack but it has been effective in delivering more revenues. On the defensive side, analytics, more robust identity management and encryption are being more broadly used.

Jackson: What is the number one cybersecurity challenge facing your customers and partners today?

Brown: One of the biggest challenges is the lack of security professionals. There is negative unemployment in the field and companies are finding their openings very hard to fill. Five years ago, banks and large retailers employed most security professionals. Today every company in every industry needs them including your “mom and pop” corner store and the elementary school down the street. There are also technical challenges around selecting the right data protection software.

Jackson: So with the shortfall in cybersecurity professionals will Dell capitalize on the opportunity by becoming a security staffing agency over the next 12 months?

Brown: Maybe not a staffing agency but our industry leading managed security solution, SecureWorks, has actually helped our clients address their staffing shortfall. In fact, the rapid growth of SecureWorks is being primarily driven by that solution’s ability to do the grunt work associated with monitoring the firewalls and networks. At the same time, we’ve developed advanced software that monitors and updates Sonicwall devices. Constantly done in the background, this ensures that the latest intrusion detection, anti-virus and malware signatures are always deployed. Secureworks, by the way, also has a staff augmentation offering.

Jackson: So Dell is reducing security staffing requirements through the use of advanced software.

Brown: Yes! We deliver intelligent software that can be deployed, managed and used efficiently by your existing staff. We are not telling you to buy our software and hire three more people because that doesn’t work in today’s environment.

Jackson: You seem to be approaching the problem just as your customers and partners would.

Brown: Gone are the days when if an enterprise had a problem, all they needed to do was to throw more people on it. Companies need to be judicious with their human assets so our solutions help organizations operate in a more efficient manner. We help your staff focus on the most pressing issues at hand. This allows you to apply human ingenuity to those issues that require it, leaving the mundane and business as usual stuff to the software. What’s also surprising is the number of security “greenfields” we are seeing now. These are organizations that have not had any significant cybersecurity programs in the past and that are only now putting something in place. This has been more pronounced in education and healthcare industries.

Jackson: At Dell Peak Performance we heard that enterprises have suffered over $600B in cybersecurity losses this year against just a $200B investment to protect against these losses. What should senior decision makers and IT professionals learn from this statistic?

Brown: Organizations apply resources to those things that are important to them. In the past security just simply hasn’t risen above the many other priorities. Even with new regulatory requirements in effect, companies are minimally applying resources. Instead of having these precious security resources being spread thinly across the enterprise we help organizations develop and deploy in a focused manner. This gives them more value for their dollar and actually can deliver better results than before. It’s much easier to protect 50 things very strongly than it is to protect 5000 things weakly.

Jackson: With respect to cybersecurity, do you have any industry specific insights that you can share?

Brown: For me, healthcare immediately comes to mind because the industry as a whole is dealing with the challenges of electronic healthcare records. I was recently supporting a customer that had a data cable cut somewhere on their campus. Lack of access to electronic healthcare records prevented them from discharging patients for over 36 hours. So you can see how important securing that data while also maintaining redundant access is so important.

Healthcare records also need to be shared between multiple hospitals and multiple healthcare providers. This access must be managed and controlled so that privacy and personally identifiable information is protected. From a commercial perspective, the healthcare industry will also be among the first industries dealing with the “internet of things”. This is not only being driven by the changing nature of home healthcare and a rapid rise in the use of home healthcare monitoring devices, but also from the rising population of healthy seniors.

Imagine the value of an internet connected coffee pot owned by my parents, who are 87 and 89. In the very near future it could come on in the morning between 8:30 and 9:30 and send me an alert that everything is normal. To me, this coffee pot represents a non-invasive way of checking on them. If I don’t get that notification in the morning, I’m immediately on a plane finding out what’s wrong. These types of models can be integrated into the healthcare system, keeping the elderly healthy and more comfortable in their home. In this way healthcare and IOT will be both a showcase and a challenge when it comes to IT security.

Jackson: As a technologist dealing with the Internet of Things, healthcare information privacy and cross-border requirements share healthcare information, how do you deal with the different national and local laws?

Brown: National laws today are extremely difficult because they are based on data sovereignty rules. In some instances, these rules prevent the transportation of data outside a country’s geographic border. To make this better, laws will probably need to be changed in some way and I believe that the use of software based encryption to protect information will be part of our future. From a regulatory perspective, this will require endpoint protection and approved processes for disassociating data access from system access. I can also imagine limited access to the encryption key which, with an individual’s permission, would limit data access to one or two specified individuals. These types of enhancements require an ability to attach data access policies to the data itself. While no data protection silver bullets exist today, the next few years will be very interesting.

Jackson: Do you have any final comments or specific recommendations for corporate decision makers?

Brown: Today’s data security landscape is less scary than it is exciting. Just think about all the things we can do better today than in the recent past. We can help the elderly stay healthy at home for a longer period of time and we can enable identity federation across many different companies. These capabilities create new opportunities and new business models. Today’s CEO therefore needs the right security partner. One that stands ready to answer the hard questions and ready to discover answers that embrace the new future of business.

Jackson: Thank you, Tim.

Brown: You’re welcome, Kevin.

This post was written as part of the Dell Insight Partners program, which provides news and analysis about the evolving world of tech. Dell sponsored this article, but the opinions are my own and don’t necessarily represent Dell’s positions or strategies.

 

Cloud Musings

( Thank you. If you enjoyed this article, get free updates by email or RSS – © Copyright Kevin L. Jackson 2015)

Follow me at https://Twitter.com/Kevin_Jackson
Posted in

G C Network