December 19, 2013
With Enza Iannopollo
Symantec held its EMEA Industry Analyst Conference in the UK recently. Symantec saw targeted attacks increase by 42% during 2013. Although it’s always mentioned among the top concerns by businesses in surveys, security is still often treated in a somewhat blasé way by many of those businesses in reality. We took several messages away from Symantec’s conference:
- Security is not just a simple IT issue but has wider business implications. Digital security has many facets, including cybercrime and online privacy. Security is an economic and societal dimension for the digital ecosystem. Just think of privacy legislation — customers expect the businesses with which they interact to adhere to it. This also means that the future security manager will be someone who understands business requirements and employee wishes well enough to balance them against specific security threats and compliance obligations. The security officer who just “shuts the gates” and says “no” to requests like accessing video websites or installing software is damaging to what we call the connected business.
- There is a need for Symantec to engage effectively with a partner ecosystem. Symantec is moving beyond products to become a solution provider. Symantec knows that integrated solutions need to work in a multivendor landscape across third-party and competitor products in a legacy environment. Such integration challenges hold back ecosystem ambitions. To strengthen its offering, Symantec has established partnerships with Hitachi Data Systems (data storage and interpretation), PwC (threat intelligence, incidence response, and digital loss prevention), and Colt (joint go-to-market offering for security-as-a-service). As part of these partnerships, Symantec sees a growing interest in the managed services option.
- Symantec brings big data to security. The vendor shared its vision in the form of its Symantec Information Fabric — a highly automated big data platform for enterprise metadata. It helps inform clients about security-related data and includes analytics, data governance, protection management insight, and access and delivery control. Symantec urges customers to address their basic data classification when defining their big data strategies in the security space. Businesses need to define the recipient of intelligence data (e.g., the chief information officer, chief security officer). This new security approach shifts from labeling folders to assessing data assets and data liabilities.
- Symantec needs to strengthen its line-of-business offerings further. Symantec has a vertical focus on healthcare, the public sector, and telcos (in partnership with Mahindra). It also has a dedicated focus on cloud and the Internet of Things (IoT). However, Symantec pointed out that the current limits on the ease of moving business processes to the cloud are also limiting cloud-based security. Going forward, Symantec will place greater emphasis on OpenStack with the intent to provide security out of the cloud, in particular concerning its IoT initiatives. Here, Symantec has the opportunity to become the trusted partner for third parties by offering authentication services. What we’re still missing is a clearer focus on role-specific security offerings for line-of-business staff. It is these well-meaning (and sometimes malicious) insiders who constitute a major security risk.
- Security needs to shift away from sole vulnerability prevention to include threat intelligence. The increase of hyperconnectivity in the form of smart devices (many of them BYOD), the spread of social media usage, as well as the growth of smart grids, online health, connected cars, and other connected devices are changing the security landscape. The traditional approach of identifying vulnerabilities before attackers can find them looks inadequate now. The explosion in the number of devices and applications translates into an exponential rise in challenges to find the vulnerabilities. Threat intelligence is an alternative approach that focuses on increasing your knowledge of the intentions of threat actors. Put differently: Security management is not only about fortifying the city walls to keep the barbarian tribes outside; it is also about knowing who these barbarian tribes are, what their fighting strategies are, which mistakes they make — and to go after them.