Three of the IT industry's top CEOs have claimed that security is a manageable problem, despite lingering problems, including the obstacles posed by Web services.

	ADVERTISEMENT

Free IT resource Virtualization Insights from Top Experts - Learn how virtualization gets real! Sponsored by Dell Free IT resource TechNet: More ways to know it, share it, and keep it running. Sponsored by Microsoft RELATED LINKS »  IE 7 bug reopens debate over patch responsibilities »  Woman ordered to pay for file-sharing will appeal »  McAfee to buy SafeBoot for $350M »  Security RSS feed  >> MORE IDG ENTERPRISE NETWORK • Research Reports  (CIO) • Ask the Expert  (CIO) TOP NEWS  • CA gains new CFO • Linux creator Torvalds still no fan of GPLv3 • Nokia tests dual cellular-Wi-Fi phones • SMIC crawls back to profitability on tax credit IT SOLUTION SEARCH

In talks at the Gartner Symposium/ITxpo conference in Orlando last week, Microsoft CEO Steve Ballmer, Intel CEO Craig Barrett, and HP CEO Carly Fiorina addressed what they claim is now the industry's top priority.

"It's still not good enough, but we have made dramatic strides. I know we need to do better," Ballmer said.

Ballmer pointed to the improvements Microsoft has made between Windows 2000 and Windows 2003 as an example.

In the first 150 days after Windows 2000 was released, Ballmer said that CERN, the European organization for nuclear research, found 17 critical vulnerabilities. In the first 150 days of Windows 2003, 4 critical vulnerabilities were discovered.

Ballmer told Gartner analyst Tom Bittman that he hoped Microsoft will not face the security problems a year from now.

Barrett was less aggressive. "In five years' time it will be better," Barrett said. "Security is a manageable issue."

HP's Fiorina said security must span the enterprise in order to be successful. "Security requires innovation across all parts of the value chain," she said.

But Ray Wagner, a research director at Gartner, said industry moves to adopt Web services architectures will create security problems that have not yet been predicted.

"The problem is Web services opens up [non-security-sensitive] technologies we've been using for years, and there will be problems with that," Wagner said.

Wagner explained that no one has created a solid taxonomy of how malicious hackers will attack Web services. That will be created as Web services proliferate and hackers attack.