INTERVIEWS by STEPHEN IBARAKI, FCIPS, I.S.P., MVP, DF/NPA, CNP
Kai Axford, Top-ranking International Security Authority, Senior Security Strategist in Microsoft's Trustworthy Computing Group
This week, Stephen Ibaraki has an exclusive interview with Kai Axford.
Kai Axford (CISSP, MCSE-Security) is a Senior Security Strategist in Microsoft's Trustworthy Computing Group.
A ten-year Microsoft veteran, Kai is responsible for discussing and recommending security solutions for both private and public sector organizations. In addition, he conducts Chief Security Officer councils worldwide, taking executive feedback and affecting change within Microsoft's security products and processes.
Kai started with Microsoft in 1999 as a Server Support Engineer and then moved on to become an IT Pro Evangelist, focusing on his peers through the Microsoft TechNet Events program. Kai has delivered more than 300 security presentations on a variety of topics, including digital forensics, security management, incident response, and computer espionage. He is a frequent speaker at security conferences, executive meetings, and business seminars around the world.
He is finishing an MBA in Information Assurance and is a member of ISSA, INFRAGARD, ASIS, and the North Texas Electronic Crimes Task Force. He was the recipient of the 2006 "Rising Star" award from the Information Security Executive council. Kai is interested in security management and hopes to become a Chief Security Officer one day.
Prior to Microsoft, Kai served as a leader in several real-world operations with the U.S. Army's elite 75th Ranger Regiment. Originally from Wisconsin, Kai is a huge NFL Green Bay Packers fan. He is based in Dallas, Texas with his lovely wife, a new baby boy, and a (very wet) yellow Labrador.
To listen to the interview, click on this MP3 file link
Go to www.microsoft.com/youshapeit/technet for a look at this interview and much more.
The latest blog on the interview can be found in the IT Managers Connection (IMC) forum where you can provide your comments in an interactive dialogue.
Interview Time Index (MM:SS) and Topic
|:00:42:|| ||Can you provide a profile of your roles and challenges?|
"....My role is to travel around the world and to speak with security executives and the IT professionals that work for the security executives and evangelize the Microsoft security message.....and to gather feedback on what Microsoft is doing well and what we are not doing well and to communicate that information back to Microsoft headquarters so that we can make changes with the way we do business with regards to security...."
|:01:41:|| ||What are your recommendations for security governance?|
"....You really need to focus on what is the core purpose of the governance solution. In IT, what we are really concerned about in everything we do is around two key words: risk management....We recently released our Data Governance Framework. We highly encourage listeners to check it out....http://www.microsoft.com/thrive ....or http://www.microsoft.com/security...."
|:03:55:|| ||What are your recommendations around defense in depth?|
"....I just did an eight-part webcast series last year on defense in depth. It's very important because we never want to put all our eggs into a single basket....There are seven layers but the key thing is to start at the top and work our way down...All the way from the top level (Policy, Procedures and Awareness), down through things like the Perimeter and physical security, Application security, Host security and down to the Data level itself...."
|:06:15:|| ||What are your best practices regarding virus protection?|
"....Having an anti-virus solution that is out of date is equivalent to having no anti-virus solution at all..."
|:07:04:|| ||How about malware removal and your recommendations?|
"....Microsoft makes the Malicious Software Removal Tool (MSRT). It's a free download. You can download it right onto your machine or you can connect to it over the internet and run it that way through your web browser and it will do the same thing...."
|:07:47:|| ||What can you say about corporate espionage?|
"....When we talk about corporate espionage we are talking about the concept of insider threat...."
|:09:18:|| ||Do you have some special tips which are not widely known that you would like to share?|
"....One of the most important things that you can really do is to stay informed....It all ties back to risk management. The bottom line is you really cannot protect everything....So one of the key things that you should be doing in your business is doing what we call Asset Prioritization and determine what are the key assets within your organization and putting them in a top to bottom order....Work with your business owners to identify these....Prioritize the assets....Determine an acceptable level of loss....If we have a limited budget....we need to make sure that we are spending the money on the most critical assets within our organization and not trying to spend it evenly across all assets...."
|:12:05:|| ||Provide your predictions of future IT/Business security trends and their implications/opportunities?|
"....virtualization security....cloud computing security....It all comes down to risk management...."
|:15:17:|| ||Which are your top specific recommended resources and why?|
"....www.microsoft.com/security....Microsoft Security Assessment Tool (MSAT)....Security Conferences [Example: RSA - the biggest security conference in the world and Microsoft TechEd]....Join a security organization [Example: Information Systems Security Association (ISSA) or ISF, but there are tons of security organizations out there]....User Groups...."
|:20:10:|| ||There are several MS Security Solution Accelerators. Do you have a top pick? |
"....Fundamental Computer Solution Guide for Windows which walks an IT professional through the steps of conducting an internal investigation of a Windows platform. It's not necessarily digital forensics....but it does walk you through the procedures of the things you should have in place as you are gathering this evidence....IT professionals are being asked to do more and more of this...."
|:21:38:|| ||Please overview the MS Forefront security solutions and how they specifically address the situation?|
"....People think that Forefront by itself is a single product. That's not really true. It's kind of the umbrella name under which we have all these security products....At the bottom level is the Forefront Client Security....Application level (Forefront Security for Exchange, Forefront Security for Sharepoint)....Forefront Code Name Sterling....Forefront Threat Management Gateway (TMG)...."
|:24:07:|| ||If you were doing this interview, what questions would you ask and then what would be your answers?|
"....What is security?....What's Microsoft's long term (5 to 10 years) vision?...."
|:28:11:|| ||Kai shares some stories from his work and experiences. |
|:30:01:|| ||Where would you like to be in five years?|
"....I love the job I have. I love being able to evangelize security for a great company like Microsoft but I'd love to be doing more to help kids on-line and protecting children and also working with law enforcement. This is such an important thing because kids today have no idea of the things out there on the internet waiting for them. Working with schools, civic organizations, etc. we can do more to educate our population of younger people how to protect themselves while on the internet...."