Three questions for CTOs: Anthony Haywood, Idappcom
Each week we'll be asking chief technology officers (CTOs) and chief information officers (CIOs) three questions. First in the hot seat is Anthony Haywood, CTO of Idappcom, vulnerability testing specialists.
What's your biggest technology problem right now?
The problem we're facing today is certainly a question of plausible deniability.
Some people, amazingly in this day and age, will still rely on the "if I didn't know there was a problem it wasn't my responsibility to address the problem.
Certainly US regulations and policy compliance measures have made this more difficult for people to hide from the reality that they could be providing services that are weakly defended, that mean that our personal information and details are at risk.
So I'd say that that's certainly one of the most significant problems that we encounter, as well as being able to effectively demonstrate to people that just because they bought an industry security device because they had to, because it was an auditing checkpoint, and just because they've deployed it and switched it on, doesn't necessarily mean that it's providing any level of protection at all.
You need to effectively audit and understand that the security is working.
What's the next big tech thing in your industry?
There needs to be a blended method of threat recognition on networks.
Today the threats have evolved through simple client server attacks and they're becoming more sophisticated.
The next big thing from my point of view would be not only comparing network traffic against an ever increasing database of known threats, but also analysing and comparing known good user activity. Because then you can say with a reasonable degree of confidence that certain activity is indicative of malicious intent, so certain activity is a prelude to threat.
So when you identify that kind of acitvy you can start to hyper analyse in-depth the content of that traffic, looking for deeper threats or further attacks.
What's the biggest technology mistake you ever made - either at work or in your own life?
Personally, my biggest technological mistake is not following through with some of the technical concepts and ideas.
It's very easy to theorise about new ideas and concepts, particularly with ideas with regards to understanding behavioural analysis.
You sit down at your laptop, you type, it knows it's you through the way you type, the way you click, how you click, what speed.
This can often lead to reauthentication. If you leave your laptop unlocked and someone else starts typing, then using almost like a neuro-net analysis we can say that the behaviour of this individual is most like this person, therefore the trust level falls, therefore you're asked to log onto the network again.
So really sometimes ideas that can be followed through into sustainable technology, very useful technology in certain sectors. If you don't follow through and make a commitment to follow through with those ideas you often find they fall by the wayside or at worst, you find that competitive solutions draw on the same ideas and utilise them.