IT Briefcase Exclusive Interview: Tackling Today’s Security Challenges with Toralv Dirro of McAfee

There is no question that internet security threats are increasing by the day, and possibly even by the hour!

In the below interview, Toralv Dirro from McAfee offers expert advice on how to evade these dangerous threats and overcome security challenges that organizations are facing today.

• Q. What are you seeing as the biggest security threats to businesses today?

A. There are numerous threats to businesses today. One of the biggest is certainly the theft of intellectual property by rival companies or nation-state sponsored actors. Cybercrime going after their money can certainly hurt, but losing the know-how and competitive advantage is certainly much more threatening.

• Q. How is McAfee currently working to protect users from security threats such as fake alert software and ransomware?

A. One goal is to get detection, and thus protection, against any new such piece of malware in place as fast as possible. Here cloud-based technologies are playing a key role. With these a file that is not currently recognized by the signature an heuristic detection, but is still deemed suspicious is fingerprinted and cloud-based servers are queried for the latest information available. With ~100.000 new pieces of malware each and every day really everyone should enable this extra protection. Another important part is to prevent an infection with domain reputation solutions like the SiteAdvisor (there is still a free version available for download). This gives a user a warning of known malicious websites in search results and also when browsing to such a site. The user itself can also do a lot to prevent damage. First by doing frequent backups, making sure security updates to OS and applications are applied and be vigilante. Be suspicious about attachments and links in email and never accept a download that is offered just by visiting a website.

• Q. How has the shift towards BYOD, and the evolution of mobile devices, affected the security challenges that organizations face today?

A. The security challenges are massive, so massive that some people name this trend as “Bring Your Own Disaster”. Allowing such diverse devices access to the corporate network and store, potentially sensitive, data on them has got huge consequences, calling for appropriate security measures. And there are also legal issues with this in many countries. Imagine for example a scenario where the company must do a forensic analysis on a personal device after a breach, and that device also contains all private messages, browser history, pictures, etc. of the owner. To get some control of the risks associated there should be a security policy in place, regulating how a device must be configured with regards to passwords, encryption, etc. Also a solution to enforce this, to track a device or to remotely wipe it is necessary, as well as security software on the device itself.

• Q. What is your take on the risk vs. compliance issue companies face when dealing with BYOD in the workplace?

A. As just mentioned, there are many issues with BYOD, so many that personally I wouldn’t even consider to allow such devices. But there may be cost or management demands forcing the introduction. Such a step should be considered very carefully.

• Q. How will McAfee’s recent release of four new Data Center Security Suites help to secure servers and databases in the data center?

A. These McAfee Data Center Server Security Suites protect servers in the Data Center by leveraging application whitelisting and blacklisting (AV) technology from McAfee. The blacklisting component protects servers against all “known” threats and application whitelisting allows only trusted applications to run on these servers – protection against all “unknown” threats. Virtualized servers are protected by the MOVE component of these suites, thereby providing optimal security for physical and virtualized servers, on Windows or Linux platforms, in a single solution. By combining the whitelisting and blacklisting technologies, we are able to secure servers optimally while maintaing the high performance requirements of servers in the data centers.

The Database security suite combines database captivity monitoring, virtual patching along with vulnerability management for databases in a single suite, providing optimal security for the most current, legacy and mainframe databases.

• Q. What other solutions can McAfee offer to help businesses improve their level current of Security?

A. McAfee offers a broad range of solutions for businesses of all sizes to help improve their security. The most common solutions are of course the client security solutions and the gate protection. A Network IPS can improve security a lot, Application Control to secure servers and critical systems, Risk and Compliance solutions to help mitigating risks and ensuring that regulatory requirements are fulfilled, Disk and File encryption, Data Loss Prevention (DLP) and mobile solutions. But there is still much more, too much to list it all, including not only products but consulting and services and every company has different needs.

Toralv Dirro, McAfee Labs EMEA Security Strategist,McAfee GmbH

Toralv Dirro is McAfee Labs EMEA Security Strategist at McAfee. In this role he is spokesperson for McAfee Labs and works closely with the research teams. He deals with the latest threats, their development and cybercrime as well as new security technologies like McAfee Global Threat Intelligence. He is a frequent speaker on events and conferences as well as to the media.

He started his carrier with Dr. Solomon’s Software in 1994 being responsible for the set-up of a research lab in Germany. After the acquisition of Dr. Solomon’s through Network Associates 1998 Dirro not only worked in the field of virus research but in other aspects of IT security. Network Associsates was renamed to McAfee in 2004. He helds his current position since 2007.

Toralv Dirro was born on September 20th, 1970 and studied computer science at the university of Hamburg where he also work at VTC (Virus Test Center).