Q&A: McAfee, Symantec CEOs talk security

McAfee CEO David DeWalt and Symantec CEO John Thompson answer tough questions about data protection, consolidation, and the IT security market

The reality in the security world today is that we are seeing more cost-optimization requirements. So, how do you look at a company like us that has AV, anti-spyware, HIPS (host intrusion protection), and NAC (network access control), and how will you add DLP and encryption as an agent, versus adding someone else's products?  We look to acquire the best of breed to do that -- to make sure that we have the best technology to fit into our suite -- and offer centralized management with single agent control to every desktop.

That's the big company game we play, and you have to recognize that turning the ship isn't necessarily about building a technology from scratch. Data security meeting endpoint security, meeting perimeter security is an important component of why people would trust a larger vendor.

InfoWorld: DLP is obviously an area where both companies have made significant investments over the last year, with Symantec's acquisition of Vontu, and McAfee's acquisitions of Onigma and Safeboot. Could you describe your strategies around DLP and why it has become such an important element of data security?

Thompson: The first thing we have to ask ourselves is if this is a problem that customers would like for us to help them solve; if so, is there a technology already in place in the market that has already garnered the hearts and minds of its users? Clearly, that was the case for Vontu, who was unquestionably the market leading solution for DLP.

Our view is, if this a problem that customers would look to Symantec to help them solve, why not see if we can acquire the best technology to be able to do that?

The question of DLP as a standalone platform or as a feature will be answered in how customers want to solve the problem. If customers are willing to dedicate resources to the problem as an isolated area of activity, that probably functions as a standalone product.

However, if they view that solving that problem is a part of another business process, then it would behoove us to make that feature part of a broader suite.

DLP over time might become part of a broader digital rights management strategy for an organization. Now, that's a big theme that goes well beyond what Vontu does today, but if you believe that the currency of business today is as much about information as it is about cash, having a clear understanding of where digital content is and who has rights and privileges to use it is a very important topic for a lot of companies today.

DeWalt: McAfee and Symantec have clearly addressed DLP in very different ways.

We see DLP having two important problem-solving areas: intellectual property protection, and the management and monitoring of information loss via endpoints.

We believe that most DLP events occur through insiders, through endpoint devices. Not people e-mailing out the source code, but copying it onto a USB drive and walking out with it. Is it more practical to e-mail the source code over the network or copy it to 60GB drive in a matter of second?

If you look at where the problem is, you'll see the protection of intellectual property is the most important issue, and that secondly, it's about compliance data privacy reporting components.

With Safeboot, encryption is already proven as a strong approach for data privacy and breach management, and it is best served when the customer can prove no loss of data when the lose a mobile device, that they have no need to report that incident.