The way Ken Dunham sees it, an ounce of prevention is worth a pound of cure. Dunham, director of malicious code for Reston, Va.-based
iDefense, is a strong believer in attacking potential security problems on the front end rather than spending time and money cleaning up messes that could have been averted. The iDefense Intelligence Suite offers business owners ways to avoid cyber threats while they're still only threats. Founded by James Adams in the late 1990s, the company's proprietary technology is bolstered by IT security and intelligence professionals and a state-of-the-art research lab. In short, it offers not just a solid first line of IT security defense, but a team of spies to keep the enemy at bay.
Can you tell us exactly what iDefense does?
iDefense is a computer security intelligence company. We specialize in proactively and reactively providing clients with actionable intelligence to stop or mitigate the impact of cyber threats worldwide.
Specifically, we have three core areas of intelligence: a geopolitical threats team, a vulnerability and labs team, and a malicious code team. We work around the clock for rapid response to all emerging threats.
We have well over 100 contributors in more than 27 different countries sending us information on new vulnerabilities, giving us a very large global footprint.
Our malicious code team covers 400-500 new intelligence reports a month, just for fingerprint reports alone. It doesn't include others, like white papers and focus reports.
Our threats team is able to profile and track various group activities, with a comprehensive look into the hackers' world, their motivations, and more.
In particular, what does your title--Director of Malicious Code--involve?
I oversee all malicious-code intelligence operations for iDefense. That includes product development, rapid response, core intelligence functions, working with the media, clients, and others as needed.
It's a very busy job with many diverse responsibilities, an environment in which I thrive. I learn something new each day, and I see my team reach new heights each month.
It's a great job and a great company to work for. It's rock-solid and headed for the big-time in a big way, which is very motivating for all of us here at iDefense.
How does your client base break down? Do you work more with enterprises or medium-sized businesses?
We primarily work within government and financial sectors, those companies that have the most assets at risk. Most companies are Fortune 500, so they're quite large in scope.
What are some of the most recurrent security issues that you end up dealing with?
We are on the front lines of computer security every day. The same old types of problems are getting worse, and new problems are being introduced regularly.
In such a complicated, and largely reactive computer security world, we try to be a proactive intelligence model with actionable data to help mitigate threats. It's all about making security a priority and applying due diligence toward thwarting and mitigating threats.
Expressed as a percentage of a business's annual budget, how much do you think a typical company should set aside for IT security expenses?
Security cannot be measured in dollars, but only in asset management. Companies with more assets at risk are more likely to embrace security from the CEO on down, which makes a huge difference in the success of a security program.
The budget depends upon the organization and the assets at risk. In general, computer security needs to become more of a core part of doing business rather than being an add-on solution.
What are some brewing security issues that businesses should keep an eye out for over the next year or so?
-- Rapid exploitation of new vulnerabilities and zero-day exploits [security breaches that take advantage of a security vulnerability on the same day that the vulnerability becomes generally known];
-- Significant disruption and covert attacks with multiple malicious codes;
-- The potential for a serious infrastructure attack with focused, malicious code attacks;
-- State-specific cyber-attacks launched by various groups or entities;
-- A continued lag in the effectiveness or ability of technology to help mitigate threats.
Are we winning or losing the battle for cyber security?
Many are losing the battle of security in 2004. Some, who are more proactive and have a strong multilayered defense plan, have an edge against others in terms of relative security. For the computing market at large, computer security is a losing proposition for two reasons: cash motives and integrated challenges. If computers become very secure they will more likely become unusable, hindering sales and development of such products. Additionally, everything is becoming more complicated and integrated, greatly increasing the challenges for computer security experts to secure those environments.
What does iDefense have coming up for the rest of 2004?
Our real-time XML output to clients is proving to be very valuable. We have many new projects under way that we hope will take our coverage and intelligence to the next level. Personally, I'm very excited because some of our larger projects have the potential to redefine various aspects of computer security as we know it today.
