Business trade-offs are required to achieve a perfectly protected network, but as long as businesses want customers to access their networks --to do business -- there is the potential for security breaches.
This is one of the messages from Gene Hodges, president of Network Associates' McAfee division, the anti-virus component that accounts for around half of the company's revenues.
And we are now seeing more targeted hack attacks and an increase in professionally written viruses, with a correlation between social unrest and virus activity, Hodges said.
While Network Associates has three other product divisions as well as the Web-based managed firewall services group, the McAfee division president was speaking purely as an anti-virus software vendor at a briefing in Sydney recently.
According to Hodges, the professionally written virus is a relatively recent phenomenon, referring to the 1998 explorezip as the first.
Speaking about the recent spate of virus attacks, Hodges observed that yes, Microsoft writes software that is flexible and is thus vulnerable. "As long as it is flexible it can be attacked," he said.
This then raises the question about an organisation's management policy on virus attacks and its attitude to the business trade-offs that it makes in the event of attack.
"Does it shut down its Web site? Does it stop e-mail? For how long?" posed Hodges.
And like any purposeful anti-virus vendor or insurance agent, he pointed to the present and future risks. These include the trend towards focused virus writing as young writers progress towards a professional level and more of the social infrastructure-for example, public elections-being based on the Internet.
Hodges also forecasted that there is the potential for negative reactions from displaced but highly skilled IT staff, including those retrenched because of restructuring as well as an alarming number of dot-com failures.
He also distinguished 'professional virus writers' from hackers, which he described as more technically sophisticated.
"It's harder to breach a well-protected firewall than to write and spread a virus," he claimed. The network security market excluding anti-virus software is where anti-virus was about three or four years ago, Hodges added.
In terms of putting a value or cost on virus attacks, Hodges said that the industry was unable to make an accurate estimate.
"The biggest cost is in lost productivity through business outage... The cost of the viruses this year could have been AU$20 billion."
Greetings to all! Excuse for this message, but at you excellent design of a site! Very much it was pleasant to me, I shall come here very often!