During Intel Focus 15, Sunil Varkey, the chief information security officer of IT consultancy and outsourcing company Wipro, said that his company has embarked on a Zero Malware program. We find out more about what that entails.
Varkey and his team started their journey by quantifying the cost of malware. He determined that Wipro was spending around US$4000 per day just keeping the network clean.
One of the issues he identified was that endpoint security wasn’t very effective at stopping threats. He found about 30 per cent of the malware coming in was missed. Once he knew that, he calculated the costs of support staff to remediate issues, storage of security logs and other costs to get to his US$4000 per day figure.
Rather than shoot for zero malware, Varkey wanted to improve the detection rate so that just five per cent of the malware got through his defences rather than 30 per cent.
He achieved this in just a few months on a platform supporting about 162,000 users, using 125,000 systems in 82 different countries. This involved new firewalls, endpoint protection. End user systems were updated remotely with zero touch he says.
Varkey’s advice for anyone embarking on this was to start with the data. It’s critical to analyse the threats and work out where they’re coming from. This has been the key. Making data-driven decisions about what’s happening in his business rather than reacting to market trends has enabled Varkey to design and implement a security solution that works for Wipro.
Anthony Caruana attended Intel FOCUS 15 in Las Vegas as a guest of Intel Australia