We spoke to Gareth Williams (VP-Sales, Emerging Markets, AVG) and Karel Obluk (CTO, AVG) and got a feel of where we stand in terms of security preparedness and what to expect in the future. Here are excerpts.
Q. What are the potential threats expected in the near future?
A. Gareth: It can be safely predicted that in 2010 the threat environment will witness higher volumes of web-threats and be even more transient, agile and organized! Internet security threats that we expect to have significant impact this year would be more diverse automatically generated malware. Cyber criminals in the cloud, and emerging nations going online without adequate security measures will be a matter of concern.
Q. What measures should one take to avoid being attacked?
A. Gareth: It’s necessary to use multi-layered protection beyond traditional anti-virus solutions. An anti-virus engine combined with real-time web scanning and a good behavior layer will ensure that businesses are protected from so many attack code variations every day. Cyber-security, however, foremost is a personal responsibility. Employing basic hygiene measures will keep cyber-criminals at bay. The following tips are useful:
- Think before you link
- Stay current on security software
- Keep your private information private
Q. How do you test your anti-viruses against attacks yet to be experienced?
A. Karel: AVG has several protection layers, some of them are designed specifically to cope with new threats that have not been seen yet. Emulator and generic scanner based on statistical methods is one such layer, behavior monitoring that observes behavior and actions of running process is another one. Together with LinkScanner, that scans for exploits on web pages, rather than the actual payload, we believe that we offer a very advanced protection even against new, so called 0-day threats.
Q. Cloud computing is one of the latest trends online in recent times. Do you view this is a breeding ground for infections?
A. Karel: Cloud computing definitely brings some significant advantages especially to small businesses, but equally to enterprises. Virtualization techniques that are used on these systems are very advanced and I am confident that vendors that offer various cloud computing services invest a lot in proper security. However, no program is perfect and thus I expect that these services will also be exploited by attackers and used for distribution of malicious programs and to attack other systems. Still, since these systems are usually managed very carefully by experienced admins, the likelihood of infecting these systems is much lower than for a typical home computer.
Q. How does one make a career in this field (technology)?
A. Gareth: Of course there are several different areas in the technology industry, some highly technical and some more commercially oriented. Whatever the chosen direction, the most important thing is a solid and relevant education. Then it’s about looking for the first opportunity to gain experience and to prove that you can do a great job. If it’s a technically oriented career then there are of course several specific training options available to increase skills and knowledge, but this still does not substitute for experience and the need to build up a track record. So, my suggestion for someone looking to develop a technology career is first to complete a solid education, second to choose a direction that’s genuinely interesting (it’s always easier to do a good job if you enjoy the work), third look out for the first opportunity to prove yourself, and fourth stay open-minded to take new or adjusted directions should the opportunity arise.