Eva Chen is not your average software CEO. First of all, in a business dominated by testosterone, she's a she, one of a select few to be running a big enterprise ICT concern, alongside... well, precious few others. Second, in a northern hemisphere-dominated sector she is not of north American stock, nor even European. Instead she was born in rural Taiwan, took degrees from universities in Taipei and Dallas, and had a stint as a sport reporter before joining her current company.

However, quite understandably she bats away any attempts at developing a personal angle, preferring to focus on the successes of her company, Trend Micro, one of the hottest properties in security software today. The 21-year-old, US-founded, Tokyo-headquartered firm now employs over 3600 staff and turned over $985m in its last financial year, having built a sound reputation as a pioneer in areas such as gateway protection and appliances. A truly international outfit, it has operations in 50 countries and research and development departments in nine. Chen's 15-strong executive team speaks eight languages natively, she says - a rather different proposition to the average Silicon Valley or other US concern.

"If you're talking about a software company, we're the biggest in Asia," she says, adding that her chosen KPIs for measuring success are revenue, profit and customer satisfaction.

It sounds good, but isn't she concerned that with current rates of merger and acquisition activity, Symantec, McAfee, Microsoft or another software giant will become the 800-pound gorilla in the security software space?

"I'm not a big believer in that," she says. "I've heard this for 15 years that antivirus or whatever else is saturated but hackers always bring it back. Look at all the new viruses. They bring the industry back and that's why we launched ‘Think Again'."

Think Again is a campaign designed to attack the cosy assumption that security is a problem fixed and all you need to do is go with one of the big boys to be confident of a safe environment. To counter, Chen tells of a recent meeting with a C-list executive.

"A hotel chain said to me, ‘I have a firewall, intruder protection system, encryption, desktop antivirus but it still happens'. We all have to think again."

When you've finished thinking again, Chen hopes that the conclusion you arrive at will involve a holistic solution that the firm calls the Smart Protection Network.

"Security needs to be integrated into the network information flow," she argues. "We used to think security was a lock and when it was no good we would put on more locks and overburden the PC. This is still the current security approach for a lot of people but there's a whole new approach that's like home security monitoring. Nobody says ‘Whose [home security] sensor is better?'. The service is measured on if there's a problem immediately someone coming to your house, or a phone call saying ‘are you OK?'"

With Microsoft expected to launch its free OneCare service, some pundits think the fundamentals of procuring security could change again but again Chen is not having any of this, preferring to place her faith in strategic, IP-led acquisitions and, more importantly, a burgeoning network of resellers to build out a complete answer to corporate security woes.

"People don't buy security for itself," she says. "You don't buy a log for its own sake; it has to be a log for building a house. Even Microsoft can't do everything on its own because the problem is too big and too fast-moving. The channel is the only one-stop shop. Anyhow, you get competitive not by looking at competitors but by solving problems."

One change that she does see as profoundly affecting the state of security is the emergence of cloud computing. The fundamentally different model of having operating system, applications and services residing in third-party datacentres, potentially located thousands of miles away, will force the industry to reconsider its dearly held tenets on information security and governance, she believes, if organisations are to capitalise on the opportunities to take out cost, increase operational flexibility and reduce time spent on system administration, procurement and deployment.

"Before, Windows sandwiched the app, but with cloud computing the operating system is decoupled, the presentation layer is the browser and the app sits on it," she explains.

As with client/server, it will be strength of administration that will be key, she contends: "Management is the problem: how do you ensure systems are all patched and updated or that all these contractors, consultants and guests are covered."

Another security challenge is involved with the related field of virtualisation, where it will be critical that roles-based permissions and security follow the user, even in the new, abstracted environments of dynamically created virtual machines.

More broadly, Chen is uncertain as the most appropriate response to convicted perpetrators. "I don't know what is sufficient," she says. "We have the death penalty, but people still kill people."

Increasingly though, she says that attempts to penetrate IT security will occur "for the same reason people rob banks", that is, because there is deemed to be potential for pecuniary gain.

The answer to this must be to take a panoramic view of the security issue. Having a chief security officer is important, but the CIO, along with other executives and members of staff must also be trained in policy and proper usage.

"Security is not just IT anymore," Chen argues. "In large enterprises you need to have a separate security officer and to lock the door and make sure it stays locked you need to have security-focused people throughout the organisation."

The turbulent state of the macro-economy could make security threats loom even larger, Chen believes, as more people are laid off, leading to disgruntled staff with a grudge against their erstwhile employers, and with more offshoring and outsourcing spreading the threat vector to all points of the globe.

Add to that the proliferation of target devices from Cisco routers to PlayStations and iPhones and it's clear that there will be plenty of work for Trend Micro and its peers for years to come.

About Eva Chen and Trend Micro

Eva Chen co-founded Trend Micro in 1988, serving as executive vice president until 1996 and then as CTO until 2004 when she assumed the position of CEO.

The company is associated with some pioneering developments in security including gateway virus protection,
web-based management consoles, security server appliances and botnet identification services.

Chen has an MBA and master's degree in information science from the University of Texas. Previously, she took a philosophy degree from Chen Chi University in Taipei, Taiwan.