Former McAfee CTO Lambasts Security Industry Attitudes

British security specialist Prevx has appointed the former McAfee CTO as President of the Internet and PC security vendor.

Christopher Bolin’s appointment comes as Prevx is gaining ground in the provision of the scalable and effective cloud-native anti-malware technologies.

There is little doubt that Bolin is a security industry veteran now, with 19 years experience. He formerly held senior positions at both McAfee and Symantec. As CTO and Executive Vice President of Worldwide Product Operations at McAfee he helped grow security product yearly revenues from $300 million (£189 million) to over $2 billion (£1.2 billion).

Profit Driven

But he feels that the current security model may need to adapt to the increasingly sophisticated threats nowadays.

“Three decades of rapidly evolving cyber crime has created a frightening paradigm,” said Bolin in a statement. “Consumers and enterprises are protected by products from vendors who are only now realising that marketing success renders technology innovation virtually irrelevant to their pursuit of profits.”

Bolin was equally damming about claims that the security industry is keeping the current threats in check.

“Industry claims that we are safer now than ever are just plain wrong and create a false sense of security,” he said. “In fact, the past two years have seen the volume of malware threats exceed the cumulative total of the preceding 30+ years. The traditional approach to malware defence has passed the point of diminishing returns. Whilst a couple of vendors are just beginning to recognise this problem, the industry has several fundamental challenges to address,” he said.

He said that today’s malware research is failing at an alarming rate. “More threats are being missed and those that are caught are being uncovered days and weeks after they have already achieved their aim,” he said.

New Model Needed?

He also warned that security technology is too cumbersome and unwieldy, making “it too difficult to deploy and manage and too expensive to run for both consumers and enterprise.”

And he said that new vulnerabilities are being found and exploited by cyber-criminals almost every day, “making zero-day threats almost a guaranteed win for criminals.”

According to Bolin, manual research can no longer keep pace with sophisticated cyber crime, “which so easily avoids detection through simple techniques such as code obfuscation and geographically or contextually sensitive malware, which appears benign in the research lab but is totally malicious on a user’s PC.”

Bolin believes that companies need to utilise dynamic real-time threat information gathered from PCs and endpoints to instantly identify, understand, react to and block new threats.

“I came to Prevx because Mel Morris (Prevx CEO) gets it,” said Bolin. “He understands the power of the Cloud and that, in the war on malware, only computers can outsmart computers.”

McAfee Appointment

Meanwhile just as McAfee saw the hiring of one of its former executives by a rival, it has made a new appointment in Europe. McAfee announced that it has appointed Gert-Jan Schenk as president of its Europe, Middle East and Africa (EMEA) region.

Schenk joins McAfee from Juniper Networks where he served as senior vice president of EMEA. Over the last three years, he has grown its business from $600 million (£378 million) to $1.2 billion (£757 million) in revenue.

David Quantrell, McAfee’s current president of EMEA, has apparently decided to pursue other business opportunities.