In this interview James Randell from IBM sets out the issues and examines how to manage risk in the complex world of IT security. He talks about it security advice and strategies. James has worked extensively in pre-and post-sales consulting roles for US-based technology companies. He started his career as an MVS systems programmer and in more recent years has specialised in networking and IT security. He is CISSP-certified and experienced in all aspects of IT security and risk management. He spends much of his time advising on security issues and is a regularly-quoted commentator on contemporary security issues in the technology press. Antivirus tools are also very important for organisations, they assist them in defending there servers and desktops against attack by malicious software like viruses, Trojans and worms etc. which can affect the availability and the stability of machines and cause them to fall over and prevent data being stolen from those systems, AV systems whilst they help to prevent things they tend to very much focused on cleaning up after the event. As long as you’re clear about what the tools do, they are important tools but not every organisations security challenges are going to be solved by managing network access control and defending against malicious software so an organisation really needs to take a risk based approach at looking at what security tools they need.