Bit9 CEO: Trust-based model the new weapon in war against malware

Bit9 chief executive Patrick Morley talks mobile security, company partnerships with FireEye and Palo Alto Networks, and the evolving role of the CISO

Patrick Morley

Bit9 thinks you're fighting a new war using old weapons. The Waltham, MA-based company says traditional security products are no match against todays malware and advanced persistent threats, and that a new approach — one based on trust — is better suited than blacklists and other reactive solutions.

In this installment of the IDG Enterprise CEO Interview Series, Bit9 chief executive Patrick Morley explains how the company's security platform changes life for security pros and he talks about Bit9's plans to make securing mobile devices easier. He also discussed the company's partnerships with network-based security solutions like FireEye and Palo Alto Networks, and explored the changing role of the CISO in corporate America.

John Gallant: Give me the background and history of Bit9. What problems did you set out to solve and what have you accomplished since you launched?The original hypothesis behind Bit9 was that we were doing security the wrong way. For the last 20 years we've been focused on trying to find all the bad in the world and stopping the bad. What we've seen over the last few years is that that approach, that black-listing approach, trying to find and stop all the bad, does not work.

Patrick Morley:

When the company was founded there was a vision that people would wake up one day and realize this, and that the right way to focus security was really a different type of model, one that was more proactive, one that was positive, and that was really based on the concept of trust, the same way we run our own lives. Essentially, I trust you or I trust someone that you trust. The general hypothesis behind the company and the vision was that we're going to build a technology that allows organizations to only allow software to run that's trustworthy.

To continue reading this article register now

22 cybersecurity myths organizations need to stop believing in 2022