RSA: McAfee urges firms to distribute security duties

Enterprises looking to take advantage of advancements in IT security will need to take a new approach to designing their security platforms, according to McAfee.

Speaking at the 2013 RSA conference in San Francisco, chief technology officer Michael Fey told attendees that firms must develop a clear picture of how their security operations will integrate with other departments and how they will manage and respond to incidents.

Fey said that such platforms will not only require integration with other departments and operations, but also with executives. He said that executives should be educated to have a realistic expectation of the capabilities and limitations of their security infrastructures.

"We have got to make sure that with this new executive-level access we are getting, we leverage it appropriately. We need to let them run the business."

Additionally, Fey said that firms should make sure that responsibilities and duties are spread out, rather than relying on one group or department to handle all security operations.

In doing so, Fey said that companies will not only be better equipped to respond to threats and utilise current security platforms, but also make use of emerging platforms which could offer far greater intelligence and response capabilities.

Fey described a system in which an administrator could instantly analyse user activity in context and weed out suspicious behaviour to detect potential threats as they occur. Such a system could dramatically reduce the possible damage of a breach and catch malicious behaviour before it can lead to serious damage, he claimed.

"The closer we are to time-zero the more value we get from that information," he said.

"Not only have to be able to correspond with my environment, I have to be able to react to it."