Security Experts Strategize At Microsoft HQ - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:32 PM

Security Experts Strategize At Microsoft HQ

Among the approximately 200 who attended were representatives from Microsoft, Symantec, Cisco, the FBI, Department of Homeland Security, and the Secret Service.

Security professionals from the private sector, law enforcement officials, and representatives from government and academia met last week at the Redmond, Wash., campus of Microsoft to craft strategies against botnets, spam, and phishing fraud, a participant said Monday.

It was the second meeting of the group, which is largely made up of people on several closed security-related mailing lists. Among the approximately 200 who attended were representatives from Microsoft, Symantec, Cisco Systems, the FBI, Department of Homeland Security, and the Secret Service.

"It was all about sharing information and developing trust relationships that allow for better sharing of information," says Randy Abrams, the director of technical education with antivirus vendor ESET. The networking at the meeting, even more than its presentations, are crucial for sharing data, tactics, and ideas, he adds. "We all need to know who's working for the good guys, who can take action, who those people trust, and who are their resources."

The meeting -- which was hosted by the Internet Security Operations Task Force -- was a follow-up to last summer's debut meeting, which was held at the headquarters of Cisco. Like the 2006 conference, last week's was closed to reporters. It was hardly hush-hush, however.

"It's hard to be a secret when the agenda's on the Web," Abrams says.

"The real value isn't in the presentations, it's in the networking. I'm not in a position to shut down a [phishing] Web site, but I know who can," says Abrams. "Now, if the FBI contacts me and asks who to go to, I can put them in touch. A lot of that kind of networking goes on."

Most of the presentations and conversation, says Abrams, were about botnets -- fast-growing collections of compromised computers that are used to launch phishing attacks and spread malware -- and the recent boom in spam.

"These are what we're seeing as the predominant problem," says Abrams, who declined to get specific. "We don't want the bad guys to know that we know what they know."

Much of the formal and informal emphasis was on strategies and technologies that work, and when. " 'This is where this is effective,' someone from an ISP would say," says Abrams. "Or 'this is how we tracked down spammers.' "

Abrams might have been bullish on the networking opportunities at the meeting, but he sounded pessimistic on the chance that the security community would soon get a handle on botnets or spam. "We won't, not in the near term, but eventually I think we'll be able to knock down the numbers," he says.

"Next year when we meet it will be a lot more focused on specific recommendations," Abrams says. "We won't be waiting until then to implement [strategies], but we'll have a much better idea of what we can do [that works] and what we should do."

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2020 State of DevOps Report
2020 State of DevOps Report
Download this report today to learn more about the key tools and technologies being utilized, and how organizations deal with the cultural and process changes that DevOps brings. The report also examines the barriers organizations face, as well as the rewards from DevOps including faster application delivery, higher quality products, and quicker recovery from errors in production.
Think Like a Chief Innovation Officer and Get Work Done
Joao-Pierre S. Ruth, Senior Writer,  10/13/2020
10 Trends Accelerating Edge Computing
Cynthia Harvey, Freelance Journalist, InformationWeek,  10/8/2020
Northwestern Mutual CIO: Riding Out the Pandemic
Jessica Davis, Senior Editor, Enterprise Apps,  10/7/2020
Register for InformationWeek Newsletters
Current Issue
[Special Report] Edge Computing: An IT Platform for the New Enterprise
Edge computing is poised to make a major splash within the next generation of corporate IT architectures. Here's what you need to know!
White Papers
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Sponsored Video
Flash Poll