Symantec CEO John Thompson recommended a more flexible and ambidextrous approach to IT security at a keynote speech at the Air Force Information Technology Conference at Auburn University's East Montgomery campus this week, FCW.com reports. His thoughts on a mixture of defense strategies would be applicable to federal IT security officials, as well as to private companies. According to the article, Thompson illustrated how older models of information security only restricted data and hampered real-time use. And with the changing tactics of cybercriminals, security managers need to adopt a more flexible and combined approach. Thompson's three-pronged approach included protecting information technology infrastructure, protecting the information itself and protecting the interactions among people using the information, FCW.com reports. The article states the first step in cyberdefense is to ensure systems will survive natural or man-made disasters by transferring data to backup systems in case of emergency. In addition, standardization and encryption of data and a common software infrastructure are crucial. “After all, servers and laptops [computers] can be replaced; the information on them most likely cannot,” Thompson told the audience. Second, according to Thompson, is controlling unstructured data, such as e-mail, instant messaging, PowerPoint and Word documents, and voice-over-IP conversations, which can be up to 80 percent to 90 percent of a company's data. Transactions and conversations should be monitored to combat suspicious or dangerous activity, FCW.com reports. Finally, Thompson said attention must be paid to identifying user identity to combat phishing, as well as securing wireless technology with certification and authentication techniques. In the end, Thompson told his audience that an organization's cybersecurity is only as good as the people who manage and use it. “People are just as important as technology and policies,” Thompson said, according to FCW.com. “In fact, with proper planning and training, employees can become your strongest line of defense.” Compiled by Paul Kerstein Related content news UK government plans 2,500 new tech recruits by 2025 with focus on cybersecurity New apprenticeships and talent programmes will support recruitment for in-demand roles such as cybersecurity technologists and software developers By Michael Hill Sep 29, 2023 4 mins Education Industry Education Industry Education Industry news UK data regulator orders end to spreadsheet FOI requests after serious data breaches The Information Commissioner’s Office says alternative approaches should be used to publish freedom of information data to mitigate risks to personal information By Michael Hill Sep 29, 2023 3 mins Government Cybercrime Data and Information Security feature Cybersecurity startups to watch for in 2023 These startups are jumping in where most established security vendors have yet to go. By CSO Staff Sep 29, 2023 19 mins CSO and CISO Security news analysis Companies are already feeling the pressure from upcoming US SEC cyber rules New Securities and Exchange Commission cyber incident reporting rules don't kick in until December, but experts say they highlight the need for greater collaboration between CISOs and the C-suite By Cynthia Brumfield Sep 28, 2023 6 mins Regulation Data Breach Financial Services Industry Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe