New security chief looks for balance with privacy in the web
Date
4/20/2015 1:54:20 AM
(MENAFN- Al-Anbaa) google has a new sheriff keeping watch over the wilds of the Internet.
Austrian-born Gerhard Eschelbeck has ranged the British city of Oxford; cavorted at notorious Def Con hacker conclaves, wrangled a herd of startups, and camped out in Silicon Valley.
He now holds the reins of security and privacy for all-things Google.
In an exclusive interview with AFP, Eschelbeck spoke of using Google's massive scope to protect users from cyber villains such as spammers and state-sponsored spies.
"The size of our computing infrastructure allows us to process, analyze, and research the changing threat landscape and look ahead to predict what is coming," Eschelbeck said during his interview.
"Security is obviously a constant race; the key is how far can you look ahead."
Eschelbeck took charge of Google's 500-strong security and privacy team early this year, returning to Silicon Valley after running engineering for a computer security company in Oxford for two years.
"It was a very natural move for me to join Google," Eschelbeck said. "What really excited me was doing security at large scale."
Google's range of global services and products means there are many fronts for a security expert to defend. Google's size also means there are arsenals of powerful computer servers for defenders to employ and large-scale data from which to discern cyber dangers.
Eschelbeck's career in security stretches back two decades to a startup he built while a university student in Austria that was acquired by security company McAfee.
What started out as a six-month work stint in California where McAfee is based turned into a 15-year stay by Eschelbeck.
He created and advised an array of computer security startups before heading off to Oxford. Eschelbeck, has worked at computer technology titans such as Sophos and Qualys, and holds patents for network security technologies.
He was confident his team was up to the challenge of fending off cyber attacks, even from onslaughts of sophisticated operations run by the likes of the US National Security Agency or the Chinese military.
Eschelbeck vowed that he would "absolutely" find any hacker that came after his network.
"As a security guy, I am never comfortable," he said. "But, I do have a very strong team...I have confidence we have the right reactive and proactive defense mechanisms as well."
State-sponsored cyber attacks making news in the past year come on top of well-known trends of hacking expressly for fun or profit.
The sheer numbers of attack "vectors" has rocketed exponentially over time, with weapons targeting smartphones, applications, datacenters, operating systems and more.
"You can safely assume that every property on the Internet is continuously under attack," Eschelbeck said.
"I feel really strong about our ability to identify them before they become a threat and the ability to block and prevent them from entering our environment."
Eschelbeck is a backer of encrypting data, whether it be an email to a friend or photos stored in the cloud.
"I hope for a time when all the traffic on the Internet is encrypted," he said.
"You're not sending a letter to your friend in a transparent envelop, and that is why encryption in transport is so critical."
He believes that within five years, accessing accounts with no more than passwords will be a thing of the past.
Google lets people require code numbers sent to phones be used along with passwords to access accounts in what is referred to as "two-factor" authentication.
The Internet titan also provides "safe browsing" technology that warns people when they are heading to websites rigged to attack visitors.
Google identifies about 50,000 malicious websites monthly, and another 90,000 phishing websites designed to trick people into giving up their passwords or other valuable personal information, Eschelbeck said.
"We have some really great visibility into the Web, as you can imagine," he said.
"The time for us to recognize a bad site is incredibly short."
Eschelbeck saw the world of online security as fairly black and white, while the privacy side of his job required subjective interpretations.
Legal Disclaimer:
MENAFN provides the information “as is” without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the provider above.