Interview: Internet Security Expert Gail Hamilton

Gail E. Hamilton is executive vice president of Symantec's Product Delivery and Response team, which is responsible for building the full range of Symantec's security solutions. Hamilton also leads Symantec's world-class anti-virus and intrusion response teams, including the company's technical support group. She has more than 20 years' experience growing leading technology and services businesses serving the enterprise market. Hamilton received a master's degree in electrical engineering and administration from Stanford and a bachelor's degree in electrical engineering and computer science from the University of Colorado.

1. Will the Internet ever be completely safe?

The Internet will never be completely secure. Companies need to prioritize their security and look at the different levels of protection for different types of data. For example, if a company's brand is key, they'll want to make sure their Web site never goes down.

2. Is the Web as secure as it has ever been?

The Web is an open environment, which enables access. To protect it and make it secure requires alerting, protection technologies, response and management tools.

3. What is the best security, according to the National Strategy to Secure Cyberspace?

Security needs to be layered. Each network and each computer needs to be secured with several different types of protection.

4. What is the focus of the National Strategy to Secure Cyberspace?

The Strategy's main emphasis is on a system's vulnerabilities rather than on methods of attack.

5. What are the Strategy's guiding principles for securing Cyberspace?

Basically, that the security of the whole depends on the security of the parts. And because threats and vulnerabilities will continue to evolve as technology evolves, security itself must evolve at an equal or higher rate.

6. How will private industry be affected by the National Strategy to Secure Cyberspace? Will they be required by law to take actions?

There's been some criticism because private industry has not been compelled to take action under the National Strategy. However, the problem with mandating security actions is that by the time the steps are implemented, the technology changes. This mishap occurred several years ago, with the Orange Book.

7. What role did Symantec have in making recommendations to the National Strategy?

As a security leader, Symantec has played an ongoing role in the creation of the National Strategy, including round table discussions and participation in Town Hall meetings. Symantec security experts participated in broad discussions that resulted in key recommendations regarding the content of the Strategy.

8. Is there a danger for a law firm to be using the Internet to transact confidential information?

Yes. Increasingly, the legal profession is relying on the Internet to transact business. They should be aware that not all forms of communication over the Internet are safe. For instance, the use of instant messaging, which many firms use to communicate with clients, is not what we would consider Best Practices because its security can be easily compromised.

9. What types of security do you recommend for a law firm that wants to communicate sensitive information via email?

It is important for law firms to follow a set of security Best Practices guidelines. Companies need more than antivirus and firewall. They need an integrated set of security solutions including vulnerability assessment, Internet content filtering, intrusion detection, antivirus and firewalls deployed at the gateway level, the server level and the client level. In addition, law firms should incorporate virtual private networks so that lawyers working from home or on the road can protect the e-mails they send to clients.

10. What is the required level of awareness that most attorneys should be aware of?

They should be aware of Best Practices - how to secure their computers. These Best Practices are outlined in detail in the National Strategy to Secure Cyberspace, and include: Authentication, Configuration management, Training, Incident response, Organization network, Network management and Smart procurement.

11. What are the trends in methods of attack used on the Internet?

In the past year we have seen a new kind of attack called the blended threat. These new blended threats propagate themselves in a number of ways. They self-mutate, attack antivirus software, and can leave 'back doors' that make it easy for other threats to enter your systems. The latest computer worms use the Internet to update themselves on the fly and require no user action. Because of these new threats companies need to deploy security at all levels of the network - the gateway, the server and the client.

12. How is Symantec dealing with new viruses?

Today's blended threats are increasing in cost, impact and complexity. Our response capabilities are comprehensive and minimize impact to a business. We've increased the automation so as to better serve our customers.

13. Where do you see the state of security of the Internet in 5 years? In 10 years?

We're going to see wireless networks expand. Broadband will also continue to spread to households, and there are security issues that accompany a connection that is essentially always on.

14. What are acceptable levels of compromises in security?

That's a tough one. I think there should be no compromises in security, but this is not the reality. So, we need to strike a balance between access and security.

15. Currently, how secure are wireless networks?

There are two types of wireless networks: 1) Wireless LANs, which can be pretty secure with the appropriate protections; and 2) PCS, which support mobile smartphones and handheld PDAs. This type has real security issues.

17. Should there be restrictions on wireless, based on security concerns?

Total security can be achieved by shutting all the networks down. I don't think this is the best policy. Again, through the use of Best Practices, users can minimize the risks associated with using wireless connections.

18. Is there a danger for law firms to be using wireless for transacting confidential information?

Well, there are two types of wireless connections. The first type is a LAN connection with, say, a laptop - these are pretty secure. The second type, a PCS connection, which supports smartphones and PDAs, has real security issues. Wireless operating systems have yet to be under serious attack, due in part to their limited capabilities, but the threat is there. As the handheld operating systems expand, the threat becomes more real.

19. Can a virus be sent over a wireless network?

Yes, absolutely.

20. What ramifications are there for attorneys who send confidential communications via wireless connections?

They are vulnerable to viral attack, and there's also a problem encrypting the data as it is transmitted. Thus data may actually be snatched from the air.