The big problem is how we are going to operate our businesses in one, two or three years' time. It's a about being able to operate your entire business on the Internet. In reality, you'd be daft to do that -- it would be a [subsection] of that, but that's the pure idea.
Do you really see businesses like ICI and those of other Jericho members such as BP becoming deperimeterised any time soon?
Simmonds: In two years' time I'd like to oversee a business lead transformation at ICI working in a deperimeterised environment. The key to that is security returning many millions to ICI's bottom line. If it doesn't do that we shouldn't be doing it at all.
I think we'll start in two years. That's a feasible option. BP -- in terms of changing entire infrastructures, it's a good few years away. And we'll need serious business justifications for it -- and rightly so.
What do you think the outcome of all this will be?
Simmonds: My personal opinion is that all large corporations are going to be faced with doing this. The only real question for me is: "Do you want to get up front and drive it or do you want to follow?"
What are you looking for in products exactly?
Simmonds: To have security built in not bolted on. Having inherently secure products and systems rather than systems where we put lots of proof, wrappers around data.
How does that compare with security technology now?
Simmonds: If you look at what's hot now, VoIP as a protocol is inherently insecure. The vendors will tell you 'you can do it', give you an IPSEC connection and tell you it's OK. But that's bolt-on security. That's using VoIP with transport layer security.
Why is it difficult to inform people about deperimeterisation?
Simmonds: When you get chief information security officers from 50 global 200 companies, we've all got daytime jobs. We can all discuss and brain dump. The hard stuff is technical writing and the back office stuff. It's time consuming. If we can find that we take the thought leadership, it's win-win. We get stuff out of vendors for the end user.
What challenges have you come across?
Simmonds: The challenges of business are two fold -- one is being able to do business on the Web. Can you do business to business securely? More of the demand is to use the Internet as a common transport mechanism. That's straight economics. You've got this high performing infrastructure. Why have alternatives if you can do it securely?
UPS and Walmart are championing the AS2 protocol. That's about to go to the IETF for ratification. That allows you to do business to business. It allows us to connect our e-commerce system to someone else's using the Internet. If you can drop your borders you can do an awful lot more of these transactions.
How do you keep a balance between your role in ICI and your commitment to Jericho?
The strategy is to keep part of my remit and goals. Jericho fits in to that. As long as I balance strategy with my daytime job, there isn't an issue.
When will you allow vendors to take part in the Jericho Forum?
They've already started. We've had a huge amount of interest. We've been keeping a record and telling them that the doors are now open. We've had to write a code of conduct though as a safeguard. That covers the basics. We want vendor CTOs and technologists to be involved rather than through marketing and PR. Ultimately, it's in their interests that we find an accelerated output. But we need to find a way of how to get that output out quicker.
What do members get out of Jericho?
At the end of the day, everything that comes out of Jericho. If you can't afford to pay you will get the output. If you want to be involved in thought leadership, there's a minimal charge. That's the fairest way we could think of doing it.
ZDNet UK's Dan Ilett reported from London. For more coverage on ZDNet UK Insight, click here.
1%
4%
