Ask any IT leader what wakes him or her up at the dead of night sweating and there's a fair chance that their answer will include the words "network" and " security".

In the current economic climate, you can bet that cost control will up there in the list of worries too, as firms want the best network security, but at an affordable cost.

Computing talked to Dan Ryan, McAfee's executive vice president for network security, about the big challenges for IT leaders, and the next network security threats they can expect to come up against.

What is the biggest security problem facing IT leaders in large enterprises?
One of the main ones is manageability – what I call "swivel chair management". I have 10 point products, 10 consoles and each has a different perspective and threat delivery, and I can't manage it from a cost perspective, or from a compliance perspective. It's so complicated that in some cases it probably increases your vulnerability, rather than reducing it. Cost has become more of a discussion point these days than it had been before. It used to be security first and then cost. Today, I think they're about even, you have to give firms security for a lower cost.

What about problems at the network layer?
I think the same applies here – you have different vendors' products for data loss protection (DLP), mail security gateways and web security gateways. Every gateway out there should have DLP on it, but you don't want to have different security policies on different gateways. Similarly with firewalls and intrusion prevention systems (IPS) - you have IPS policies on your firewall, why wouldn't you want the same policies, or a subset of them, on your IPS appliance? Again it's a manageability issue based on having common security policies across protocols, together with the cost issue.