Symantec chief defines security paths

National Strategy to Secure Cyberspace

Better coordination between systems administrators, responsible for keeping up to date with patches, and security operators, charged with protecting networks, will help thwart cyberattacks such as the recent SQL Slammer worm, according to John Schwarz, president and chief operating officer of Symantec Corp.

Organizations can take two paths to secure their networks: religiously update software patches when vulnerabilities are discovered and install the right level of protection, Schwarz told Federal Computer Week. The right level of protection includes antivirus software, firewalls, intrusion detection, content filtering and virtual private networking, he said.

Most organizations are approaching the management of these processes in an "uncoordinated" way, he said. For instance, in many organizations the people responsible for providing patches are different from those charged with securing the networks.

The roles of the system and network administrator are different from those of a security manager, Schwarz noted. The network administrator's performance is measured by keeping the network or system up and running. But a security manager may need to shut down a network port or system when the organization is under attack. The security manager must be given the authority to shut down a port when it is needed. And this takes coordination.

"Systems, network and security management is a three-legged stool that can't exist [without each leg]," Schwarz noted. Nevertheless, it still is good to keep the network and systems management function separate from security as a "check and balance" for one another, he said.

Schwarz also said industry and the government have improved their coordination on cybersecurity. "There's been more access to the government [even] at the state and local level," he said. Richard Clarke, chairman of the President's Critical Infrastructure Protection Board, has done an excellent job raising the level of awareness about the need for the IT industry and government to work closely to shore up information and network security, he added.

The draft of the National Strategy to Secure Cyberspace issued by the board "is a sold piece of work," he noted.

Schwarz said he expects more action on the cybersecurity front this year. Legislation that would bolster federal agencies' investment in security is late. "Appropriations that have been promised are still winding their way through the approval process," he said. Plus, all the organizational skills are not in place yet. Coordination among the different departments that make up the Homeland Security Department is just under way.

So one and a half years after the Sept. 11, 2001, terrorist attacks, "awareness has been raised," but not all of the capability is in place yet to properly secure business and agencies from cyberattacks, Schwarz said.