Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Q&A: Good Technology CTO, Nicko van Someren

Someren talks about the changing role of the CTO, his second role as CSO and the lessons learned from attacks on companies such as RSA.
Good Technology CTO and CSO, Nicko van Someren.

Good Technology CTO and CSO, Nicko van Someren.

Securing Good Technology’s mobile device management (MDM) offerings while exploring future tech developments is CTO Nicko van Someren’s top priorities. Speaking to CIO Australia during the recent Gartner Symposium/ITxpo on the Gold Coast, van Someren shared his thoughts on security and the changing role of the CTO.

Good Technology files patent infringement lawsuits in the US

Private cloud `very important’ for ANZ Banking Group: CIO

Network security in the BYOD era

What does your role as CTO involve?

The job of the CTO is to understand what the customers need rather than what they want.

My role involves understanding what the underlying problems are that we’re trying to solve and what are the technologies that the end users don’t know exist that we might be able to apply to solve those needs.

As CSO, what are the lessons you have learnt from attacks on companies such as RSA?

There are many lessons from each of these types of attacks. Just because you’re a security company doesn’t mean that your security is perfect.

RSA’s issue had to do with a particular aspect of its business model, which meant it had to keep some secrets that are both valuable to customers and attackers.

We go out of our way to ensure that we don’t have any secrets. For commercial reasons, we don’t want people to get hold of our source code but if an attacker got hold of it, they wouldn’t learn anything that would allow them to attack our products.

For example, we have a many layered process to ensure that bad people would not be able to insert malicious code into our products. We also have people on board who are employed to try and break the products we create. I think too few CIOs employ white-hat hackers internally. Part of that is that white-hat hackers don’t tend to fit well with the corporate culture of big IT organisations.

Are groups such as Anonymous script kiddies or sophisticated hackers?

The thing with Anonymous is that you never know who they actually are. There are lots of script kiddies pretending to be associated with Anonymous.

I think these groups are misguided in the way they go about protesting against bad things in the world.

It’s very easy to say that companies should have had better IT security in their organisation otherwise Anonymous wouldn’t have got in. There is a sense that they are a bit of a grey hat organisation because they do often expose flaws in ways which are less catastrophic if any real bad guys exposed them for companies.

What’s your advice to CIOs when managing MDM and bring-your-own-device (BYOD) programs?

CIOs should be asking what is the data that people need to access and what is going to be valuable for people to have access to- is it just email, document editing and file depositories or do we need access to business intelligence [BI] systems and customer relationship management [CRM] systems?

The CIO needs to look for applications that give them access to critical data in ways that set the policy about who gets access to that information, under what circumstances do they get access and what they can do with the data once it gets to the mobile device.

Hamish Barwick travelled to Gartner Symposium on the Gold Coast as a guest of Good Technology

Follow Hamish Barwick on Twitter: @HamishBarwick Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia

Related Articles

  1. Adobe warns customers of unpatched critical flaw in ...

  2. PayPal says it's time to ditch passwords and ...

  3. From CMO to CEO: Anametrix’s Pelin Thorogood

    CMO

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ANZ, CSO, Facebook, Gartner, Good Technology, RSA, Technology
References show all
Comments are now closed.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: MDM, Nicko van Someren, security, Good Technology
Latest Blog Posts
Whitepapers
  • Accelerate Cloud and Composite Application Delivery
    Are your requirements the need for faster release cycles, you have reduced budgets required to run and manage a complex test environment, and you want to decrease your third party expenses? HP Service Virtualisation, designed to enable your teams to create, develop and test against virtual services that simulate real service behaviour with no constraints, available anytime.
    Learn more »
  • Deploying Flash in the Enterprise
    Flash is quickly emerging as the preferred way to overcome the nagging performance limitations of hard disk drives. However, because flash comes at a significant price premium, outright replacement of HDDs with flash only makes sense in situations in which capacity requirements are relatively small and performance requirements are high. Learn how deployment approaches-including hybrid storage arrays, server flash, and all-flash arrays-that combine the performance of flash with the capacity of HDDs can be cost effective for a broad range of performance requirements.
    Learn more »
  • CSO Spotlight: Security-as-a-Service Gaining Popularity
    Organizations that are looking for security features including identity management, encryption and access control — and at the same time want to take advantage of the cost and flexibility benefits of the cloud —might check into security-as-a-service offerings available now from several vendors. Download now to find out more.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments