Interview: Dell Perot Systems CTO Jim Stikeleather

Jim Stikeleather: Everyone has a responsibility for security

Jim Stikeleather discusses security, social responsibilty and the reasons for Dell's acquisition of Perot.

V3.co.uk: It's been a few months since Dell swooped on Perot Systems. Why the bold move?
Jim Stikeleather: If you look at the industry there's a huge amount of consolidation going on. HP bought EDS, Xerox bought ACS and so on. Dell and Perot worked together for many years, so it was a natural fit and gave us truly end-to-end capabilities. You can now go to Dell for everything from telephony to completely running your business process outsourcing to cloud utility, and so on. Economically it gave Perot a significant amount of scale. Before, 60 to 70 per cent of sales were North America-driven, but with Dell's acquisition Perot has acquired a tremendous footprint internationally.

How is the integration going?
The transaction took place in early November and there's been a tremendous amount of progress. This is one of the fastest integrations I think I've seen. The Dell people are already reporting to Perot people, and the Perot people are reporting to Dell people. Of course, we're still rationalising the technologies, processes, procedures and methodologies because both companies have a 20-year history, but the good news is there's not a lot of overlap. At the moment Perot is operating as the fifth business unit named Dell Perot Systems, because we want to realise the brand equity of Perot in America. But once we've exhausted that brand equity we'll rebrand as Dell Services.

What are some of the key areas of rationalisation you're looking at?
Cyber security. We took a step back and asked 'What's going on and where do we need to be?' A key point of technology is to enable and empower people. If you think about a thriving and growing business, trust is necessary because you won't thrive if you always fear being under attack. There's a certain dead element of cyber security; it's essentially an afterthought and not built into the equipment. Because of that the technologies we have in place are almost indefensible, so we're constantly patching the cracks and filling the holes.

How did you approach architecting the cyber security environment of this new company?
Well, we said let's rethink cyber security. We realised it involved legal and regulatory compliance issues, especially in Europe, and on top of that comes good social responsibility. Everyone has a responsibility for security. The top down centralised approaches have historically never worked, and at the end of the day the responsibility for protecting information lies with the individual. Lawyers talk about the concept of 'prudent man' and 'rational man' and that's the starting point for cyber security. You have to be prudent and rational and not do anything to put information at risk, but less than 10 per cent of the population has any knowledge of what goes on. So there's a huge educational onus on us to inform them in a way that they can act in a prudent manner. We have a huge educational responsibility as a society.

Is there any responsibility on the manufacturers in all this?
Yes. On the other side we as suppliers of technology have to deliver products and services to enable prudent people to do the right thing. And as organisations we need to be more open and honest and not hush up break-ins. On the third level is government. Cyber crime is extremely profitable because the costs are so low, and it's transnational, so the probability of you suffering the consequences are virtually nil. But if people lose trust in the internet we're talking about the world economy collapsing, so the attitude of those [governments] who say 'What goes on in my country has nothing to do with yours' is not going to work.