Securing the Enterprise | eWeek

Securing the Enterprise

Written By
eWEEK EDITORS
eWEEK EDITORS
Aug 22, 2003
2 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More

Motorola Inc. CISO and VP Bill Boni has a formidable job: making sure his global company with more than 90,000 employees and 10,000 network segments is secure every minute of every day. CIO Insight reporter Debra DAgostino spoke to Boni about how he negotiates the trade-offs between perfection and “good-enough.” What follows is an edited transcript of his remarks.

CIO Insight: How is Motorola retooling operations to boost its information security?

Boni: There are the three key elements, and I think its important that all three are considered when you create a new security strategy, because prevention, although it might be the holy grail and the ultimate desirable situation, is not possible. Were dealing with IT operations in over 60 countries around the planet with more than 90,000 employees and a quarter million or so network-connected devices. Absolute bullet-proof prevention is an unrealizable objective. Given that fact, what we need to do is have a balance that allows us to quickly detect threats to our operations, and then identify and prioritize risks to the platforms of the operations. Even if you are very diligent at seeking out vulnerabilities and risks and threats, youre still not perfect, so whenever a breakdown happens, how do you respond? Security is not just about cyber-instant response types of protocols for things like viruses or intrusion incidents or defacements, but also about business continuity and disaster planning for events that have less of a personal-directed nature-acts of nature or acts of broader catastrophes such as terrorists or things of that sort.

Did this approach to security exist before you took over as CISO, or were you the change agent?

Its a strategy that has been evolving, and it represents what I think is a best- practices framework. The challenge is to implement the specific details that go into those broad, overarching framework elements in a way thats going to be the right balance for any organization. Its all about deciding the trade-offs and making them wisely, and then getting the whole company to understand what the tradeoffs need to be. I have been at Motorola for three and a half years. I came on as director of information security and was promoted into the role of CISO. We architected the framework and basically sold it to management as a responsible approach, particularly in light of the Sept. 11 circumstances, but it was actually in process before that. I would say Sept. 11 was a watershed event in that it threw into stark relief the fundamental change in the world environment in which we now operate. It basically crystallized a lot of the efforts that we had been doing and gave it a more serious context.

eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.