While acknowledging that prevention is important, Mark Doll, director of The Americas for Ernst & Youngs Security Technology Solutions Practice, preached the gospel of detection at a recent breakfast seminar sponsored by his company and Symantec. I talked with Doll after the March 10 presentation, which focused on material from a book he co-authored with Sajay Rai and Jose Granado, titled "Defending the Digital Frontier" (John Wiley & Sons, 2003).
"I think prevention, patch management and code review is a tremendous asset," Doll said. "The problem is that people didnt have the Slammer patch in place because it was a SQL Server problem that dealt with peoples applications. If you have 300 or 400 applications, there is a tendency to want to test the patch against all the applications."
Dolls talk laid out basic tenets for digital security and a method for convincing top-level management of the need to increase investment in security-related products. It was telling that even in this era, he was doing a hard sell. Of course, companies should meet requirements to protect sensitive data, but this seminar was an attempt to persuade CXOs to divert as much as 10 percent of their IT spending into security tools.
Instead, I believe wise IT managers should try selling company execs on a well-managed network that accommodates new technologies with security thats baked in, not bolted on.