AlumniNews ISSUE 131FEBRUARY 2014

■TheBigIssue/Fighting the cyber hackers

THE WORDS ‘CYBER SECURITY’MAY have a futuristic ring to them,but they represent an issue thathas the potential to affect all of usat home or on the move and at thecompanies we work for – evengovernments are defending theirborders on a new online front.For John McAdam

SEP27(1990), President and CEOof application delivery firm F5Networks, the persistent andconstant innovation of the hackers,phishers and online ne’er-do-wellshas helped turn F5 Networks froma relatively small IT organisationwith a $109m turnover when he

joined in the burst-bubble phase ofthe dotcom boom to a businessturning over well in excess of $1bn.And, while much of this may beattributable to his businessprowess, he attributes recentgrowth – at least in part – to ourlove of all things mobile.“I have never seen such fast

change as I’ve seen in the pastcouple of years,” he says. “Mobilityhas changed everything and is areal driver for our business.” Andwhile that’s good news forbusinesses such as F5 Networks, itmeans that more of our intellectualproperty, personal, customer and

company data is at risk.John defines cyber security in

the big sense as securing thestability and integrity of the internetand the “whole onlineenvironment”. Things have movedon from the rather amateurish‘phishing’ attacks, where hackerswould put up bogus web shop-fronts of banks or emailsrequesting personal data. Nowthere are legion and far morecoordinated forms of attackfeaturing techniques like ‘denial ofservice’ where servers are made toflood a website with data,effectively knocking it out.“This is where you get an

organising, informal group ofpeople who want to disrupt abusiness for whatever reason,” hesays. “Then there are attacks ongovernments, and there areexamples of blackmail attacks,where people from across the

It’s a digital jungle out there, and any company that getscomplacent about its cyber security is likely to pay aheavy price. Alumnus John McAdam’s company F5Networks has become a business with a $1bn+turnover by making applications fast, available and alsosecure, helping firms stay one step ahead of thehackers. He talks to PHIL HEARD

■TheBigIssue/Fighting the cyber hackers

world have got together and said‘unless you meet our demands wewill bring your site down’.”The advent of mobile internet

access combined with the ‘bigdata’ phenomenon that seescompanies tracking and storinginformation on customer behaviourhas multiplied the risks. “Big datacomplicates things. The ability toanalyse vast data sets and drawmeaningful conclusions from themmeans businesses know moreabout customers than ever before,especially in the online and retailspaces,” says John.The ethical balancing act

between privacy and security isone for clients to mull over. Cybersecurity gatekeepers are too busytackling the growth in mobility andthe constant proliferation of apps,which are the most valuable targetfor hackers. “Making apps secureis a major challenge,” says John.

For many of us, internet securitymay not extend beyond makingsure that our virus software is up todate. But, as with flu jabs, theseupdates tend to be made from out-of-date material – or ‘signatures’ asthey’re known. And relying solelyon them is not enough. “A lot ofsecurity is built on signatures, andyou need to make sure that they’reall up to date, but the way you getahead is by using ‘policies’ – layersof them,” says John.

These are the permissions thatgrant access for certain users tocertain parts of a network orspecific applications. Similarly,should an employee leave with apersonal mobile phone, forexample, company-specific datacan be identified and removed,leaving their personal data intact.“You may encounter a policy as

soon as you connect to a datacentre whether you’re on officepremises on a computer, orconnecting in from an internet caféon a mobile or a tablet,” says John.“Your device, where you are andother factors determine what youcan access.”He advocates strongly the notion

of application ‘firewalls’, whichprovide security and more policiesat an application level. Everycompany will have a firewall toprotect their servers, but having awalled garden filled with otherwise

“It’s a game that keeps ongoing. You can never sit back

and think you’re securebecause the bad guys will think

of something”

JOHN McADAM SEP27(1990)

■TheBigIssue/Fighting the cyber hackers

unprotected crops is just notprotection enough. “It’s a gamethat keeps on going,” he says.“You can never sit back and thinkyou’re secure because the badguys will think of something.”And while every stage of the

journey can be encrypted, part ofthe cyber security expert’s role is tolook for opportunities that hackersmight use, balancing that withindividual privacy. “You track what’shappening, so you see logs ofthings within an application and ifyou see that someone was tryingsomething you weren’t expecting,you might think that’s interesting –and then you build in moreprotection.”The challenge seems to be

endless, but recognition of this isnow topping the agenda inenlightened boardrooms. “If you goback three to five years, therewouldn’t have been the

awareness,” says John, nostranger to most leading CIOs andCEOs.“I haven’t met anyone at board

level in a Fortune 500 company notversed about the enterprise riskthat cyber security presents,” headds. “I can’t imagine a scenario inwhich cyber security isn’t on the listof risk-management issues to lookout for.”And, as the online environment

continues to grow, John’scompany looks set to remain oneof Fortunemagazine’s top techstocks to watch. ■