HUNTSVILLE CHAPTER CHAPTER - Nov 04, 2014 |
Industry Executive Speaks Volumes about Data Security |
The chapter presented Sol Cates, chief security officer at Vormetric Inc., as its guest speaker for its fall luncheon. Joining Vormetric as a security engineer in 2003, Cates quickly became the senior director of field engineering and solutions architecture before assuming his current post. Cates consults with many Fortune 500 companies and government agencies on cybersecurity; Vormetric has more than 1,100 customers, including 17 of the Fortune 25. Cates discussed how cyber attacks have changed from a destructive nature to a monetary focus, where capturing data is the goal. He stated that "data can't defend itself." Controls need to be put in place to protect data while still allowing businesses to operate without obstruction. Cates continued by saying that attacks are now centered around the acquisition of intellectual property, classified information, infrastructure control, and command and control information. When asked how to protect the data, Cates stated that "policy and segmentation should be used to protect [it]." Cates then discussed the Ring 0 problem of operating system security. A protection ring is one of two or more hierarchical levels or layers of privilege within the architecture of a computer system. On most operating systems, Ring 0 is the level with the most privileges that interacts most directly with the physical hardware, such as the CPU and memory. This is the area where all malware desires to operate. Malware will often enter a host through lesser-privileged levels and then seek to elevate privilege to an administrative level at Ring 0—a key element of the hacker cycle. Vormetric products operate at the kernel level of the operating system and separate the operating system from access to the protected data. |
Event Photographs: |
Sol Cates, chief security officer at Vormetric Inc., addresses the chapter at its fall luncheon. |