Home Feature Archive About this site
E-businesses and Online Consumers Must Make Security Their Top Concern

Dr. Madanmohan Rao
Internet Consultant & Writer
May 2001

Most of those who have ever booted up a PC will have noticed the presence of McAfee security software. Since December 1998, Srivats Sampath has been the president and CEO of McAfee, the world's leading security ASP. His fifteen years of experience in the IT sector includes head of marketing at Network Associates and Netscape Communications, and other positions at Central Point Software and Intel.

Srivats is also on the boards of WebTrends Corporation and Cadabra.com. He received his bachelor's degree in electronics and telecommunications engineering from Madras University in India.

Q: What was the founding vision for McAfee.com?

A: To build a very unique company that delivers security not as software but as a service. Early on, we realized that security needs to be managed constantly and evolve to protect against new threats on a very regular basis -- and the only way to do that is through being an ASP (application service provider).

What we have proved is that we have rapidly become one of the largest consumer ASPs on the Internet, providing security to users in over 230 countries. Our next step is to take this concept to small and medium sized businesses.

Q: How has your organization grown since founding?

A: McAfee.com was created in June 1998 purely as a concept. In December 1998, we launched an online version of VirusScan (McAfee's anti-virus product) and received tremendous feedback from our trial subscribers. We quickly realized that we had something valuable and viable on our hands. In September 1999 we launched the paid version of McAfee.com providing our security services to consumers.

Since then, we have rapidly grown to nearly 800,000 paid subscribers and close to 1 million active subscriptions. In 1998 we started with 2 employees and now we have over 160, our revenues have nearly doubled year over year, and we are in a good track for more growth in the next year.

We are one of the few Internet companies that are showing profitability and growth in revenues -- two good indicators of a healthy business.

Q: What are the top three trends you have noticed in Internet security in the past couple of years? What can we expect to see in the coming year?

A: The trend that we saw in the last few years is a corollary to Metcalf's Law (the value of the network rises exponentially with every node you place on it): as the network grows, the vulnerability of the network also rises exponentially with every node placed on it.

A prime example of this is the "ILOVEYOU" virus that propagated around the globe in under 5 hours. Now if you didn't have the Internet this wouldn't have happened -- the Internet is the enabling medium for viruses to propagate. We are going to see more of these [viruses] as more people will write these malicious viruses that infect the very medium to propagate themselves. We are going to see more rapid outbreaks that will do similar damage in the very near future.

Another trend that we are witnessing is a result of the increasing consumer use of cable and DSL connections. Traditionally, the hacker community had only targeted corporate computers, but now they are setting their sights at home computers, where they want to steal your identity, credit card numbers and other personal digital assets that people place on their system.

The third trend we are seeing is organized efforts by groups targeting the Internet infrastructure of large economy countries (like the United States), exemplified by the classic case of the denial-of-service attacks on Yahoo and eBay.

Q: What are some key misconceptions you notice in the way companies approach Internet security?

A: One major misconception is that all you need to do is place security on your system and not worry about it. Security by its very nature will protect you only at the time and moment. Because of the evolving nature of viruses and hackers' ingenuity, you need to constantly manage your security measures or face dire consequences. You'd be surprised to know the actual number of people that forget to update their anti-virus files and upgrade their firewall software!

The second misconception is the notion that these things (virus and hacker attacks) will happen to someone else. Let me tell you -- everyone is fair game in this world. E-businesses and consumers must make security their top concern.

An analog to this in the real world is that you wouldn't leave your front door open when you go on vacation. Instead you use a lot of common sense precautions to protect your real-world assets. As we migrate to a digital world we have to take these old-world behavior and develop common sense precautions to protect our digital assets.

Q: What are some of the online resources you provide for Internet security specialists?

A: There are many services that we provide. One great example is our World Virus Map, which is unique because it tracks viruses in real-time. Nobody comes close to providing this type of intelligence to businesses and consumers. Through our map, we can witness a virus outbreak in another region of the world and this gives us enough time to help reduce the infection of the virus.

We had done this recently when we had seen an alarming increase in an American Online password stealing Trojan, and that allowed us to give us ample warning to the AOL community of this Trojan. It is this advance warning that the virus map provides.

Q: Who do you view as your major competitor in the security ASP market, and how do you stack up against them?

A: We have been lucky in the sense that we have been a first-mover with this concept back in December of 1998. And in the past two and a half years that we have been in business, we have not seen a serious competitor threatening our subscriber base and business.

To be competitive in this space you have to heavily invest in data centers and the uptime required to properly manage security. During the ILOVEYOU virus outbreak we had nearly a million people visit our Web site for five consecutive days, and we were the only anti-virus site at a 5 nine (99.999) percent uptime rate. This is a clear example of a return on our investment.

Q: What has been the most challenging set of viruses and security breaches that you have had to deal with?

A: ILOVEYOU was by far the biggest, and we view this virus as representative of the tone of viruses that we will see down the line. What amazed us was the propagation rate and damage it had caused. We have seen other viruses after that, but none compared to the level in speed and complexity of ILOVEYOU.

Another trend we see developing is hackers using viruses, Trojans namely, to open up network PCs to the real world. The convergence of hacking and viruses is an issue that we are closely monitoring.

Q: How do you view the evolution of the home and business markets for your products in the coming years?

A: The home market has long been our core franchise and typically consumers have been left on their own as far as security and protection is concerned. With our unique service-based approach, home users can leave their security to us and we manage, protect and update their PCs.

The same happens to small businesses: they don't have the resources to have an IT department, but they realize having an Internet presence is important. However, being on the Internet has its risks in terms of hackers and viruses, and they need strong and reliable protection against them.

Small businesses need to secure themselves like large corporations, and we provide the best solution in the marketplace because managing security is our core competence. Since small/medium sized businesses realize the need for security and can't do this themselves, we are ideally suited to do it for them - this is a good example of our strengths protecting their weaknesses.

Q: What new offerings do you have for the wireless and broadband markets?

A: In the wireless area, we offer our subscribers the Wireless Security Center where users can protect their PCs and PDAs from the threat of harmful Trojans and viruses. Currently, there are only 3 known viruses that affect the Palm OS, but we expect more to come in the rapidly growing market.

As for broadband, we provide a personal desktop firewall. This is one application that every home user who has a DSL or cable modem connection needs. Not only are hackers going into people's systems and searching for personal information, they are also becoming increasingly aware that home PCs coupled with broadband speeds are a perfect weapon to conduct denial-of-service attacks. To this date, our desktop firewall has not had a single reported security breach.

Q: How do you view the Asian Internet market? How does India fit in here in this regard?

A: We think the Asian market is very big, and we think the Internet growth of Asia far exceeds that of the US because of the population and the price points coming down. India fits in a unique way, because India is the largest market of IT talent outside of the U.S. This means large amounts of people are using their computers both at home as well as at work.

As the Asian networks grow, security concerns about viruses and hackers will also grow, and we think the opportunity for us to come in and be a leader in Asia will be pretty big.

Q: Any other parting advice for Internet security professionals and CEOs?

A: Take security seriously. Security may be cumbersome and boring, but it is something you have to build into your habit profile. If you don't take steps to protect your digital assets, whether it is personal or corporate, there is a very high probability that something bad will happen to you.

Q: If you had a chance to go back in time and start everything again from scratch, what would you do differently the second time around?

A: I wouldn't change a thing!

About the author

Dr. Madanmohan Rao is an Internet consultant and writer based in India. He was formerly the communications director at the United Nations Inter Press Service bureau in New York, and vice president at IndiaWorld Communications in Bombay. Madan graduated from the Indian Institute of Technology at Bombay and the University of Massachusetts at Amherst, with an M.S. in computer science and a Ph.D. in communications. He is a frequent speaker on the international conference circuit, and has given talks and lectures on Internet-related issues in about 35 countries. He has worked with online services in the U.S., Brazil, and India.

He is the editor of INOMY.com (a leading Webzine about the Internet economy in India), and is on the board of editors of the magazines Electronic Markets (www.electronicmarkets.org - published from Switzerland) and On The Internet (published by the Internet Society - www.isoc.org). Madan is also on the board of directors/advisors of yellow pages firm IndiaReference.com, steel portal SteelRX.com, investment bank CoolStartups.com, Web solutions company 4Cplus.com, content services provider FridayCorporation.com, and software development portal SoftwareDioxide.com.

The author can be reached at madan@inomy.com.

For questions about this site, please contact david [at] technopreneurial.com.

Technopreneurial.com is sponsored by 432 Ventures. | Privacy Policy
Copyright © 2000-11 Technopreneurial.com & David C. Burnett. All Rights Reserved.