Q&A: Gerhard Eschelbeck, chief technology officer at Webroot
We spoke to the chief technology officer of one of InfoSecurity 2010’s main sponsors to find out more about the rise of malware in 2010.
There is a lot of speculation in our industry as to where malware is coming from. There is a lot of data as well [that] has proven there are clearly areas, like Russia, that are big distribution points for malware.
The challenge is it doesn't necessarily mean when malware is being distributed from Russia that people from Russia wrote the malware. It could be people from China who wrote the malware, put it on servers in Russia and distributed it to England for example.
That is the difficulty because there are so many indirection points involved with malware that you don't really know where the real source is.
But speculation lets you believe that Malaysia and the Philippines are big trading points for malware.
How malware-savvy are businesses?
We actually conducted a survey earlier this year globally where we asked security professionals from the US, UK and Australia in terms of their current thinking what the protection strategies are today, how they got hit last year in terms of malware, what they have in place and what they are planning for the next year.
It showed that there is a tremendous amount of awareness for email security and the big worry is around web security. There is a tremendous amount of awareness in IT organisations that they need to do something about web security and this is the big area for organisations. They indicated that 2010 is going to be the year of protection for web security.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
So I think email is pretty established already, they know what they need. Web security is really at the forefront of their minds.
I also think there is a great deal of awareness as a lot of people got hit last year with malware infections. The question is now how quickly can companies act.
Is the war against malware ever going to be won?
Malware is constantly changing, constantly evolving. The key is really that we have security solutions that are agile enough that they can adjust to the landscape.
My recommendation, and I think this is consistent with the rest of the industry as well, is a multi-tiered defence. You have the first layer of defence in the cloud, where essentially you can keep 95 per cent of the bad stuff out of your network, and then you have the last layer of defence on your desktop to essentially keep anything else out of there. So this two layer defence is really where I think the industry is going towards for the best protection.
I think here at the show you see companies focused on one side like the end point, or some companies do the cloud and some companies do both areas together but the key is really that companies are looking at this from a multi-tier defence model.
Jennifer Scott is a former freelance journalist and currently political reporter for Sky News. She has a varied writing history, having started her career at Dennis Publishing, working in various roles across its business technology titles, including ITPro. Jennifer has specialised in a number of areas over the years and has produced a wealth of content for ITPro, focusing largely on data storage, networking, cloud computing, and telecommunications.
Most recently Jennifer has turned her skills to the political sphere and broadcast journalism, where she has worked for the BBC as a political reporter, before moving to Sky News.