As Symantec Chairman and CEO John Thompson sees it, the battleground for security has shifted. No longer is it just about the computer or even the corporate network. Instead, the new challenge is about protecting users' most important assets: their information and their interactions. Providing that protection is at the heart of what Thompson has dubbed “Security 2.0.”
Security 2.0 has evolved in response to a dramatically shifting threat landscape. Previous editions of the Symantec Internet Security Threat Report have documented that attack activity has evolved from being motivated by status for technical prowess to being motivated by financial gain. Many of today’s threats are designed to gather information that has financial value to the attacker. This can include personal information that can be used for the purpose of identity theft (the act of stealing the information) or fraud (using the information to commit fraud).
As the most recent Threat Report observed:
“The current threat landscape is populated by lower profile, more targeted attacks, attacks that propagate at a slower rate in order to avoid detection and thereby increase the likelihood of successful compromise. Instead of exploiting vulnerabilities in servers, as traditional attacks often did, these threats tend to exploit vulnerabilities in client-side applications that require a degree of user interaction, such as word processing and spreadsheet programs. A number of these have been zero-day vulnerabilities. These types of threats also attempt to escape detection in order to remain on host systems for longer periods so that they can steal information or provide remote access.”
Of course, the threat landscape isn’t all that is evolving. So too is the network perimeter. Traditionally, an enterprise’s computer network has been a well-defined entity, with clear perimeters and fixed endpoints throughout. But that was yesterday. Today’s IT network landscape has changed almost beyond recognition:
- Instead of one corporate platform and operating system, companies now routinely mix PCs and Macs with Windows, Unix, Linux, and more.
- At the same time, network usage has expanded to include multiple endpoints beyond the traditional desktop and servers. From laptops to PDAs to smartphones to guest computers, network boundaries have morphed to embrace a new business paradigm.
- Today the physical network perimeter is no longer defined by network devices. Instead, the people using the system — employees, customers, guest users, partners — comprise the new boundaries.
- Technology innovations, driven by pervasive computing, are fueling new business capabilities and business models. Customers, connecting directly to corporate networks, now accomplish transactions that were once completed by corporate employees.
That’s the reality of the online world today. Moreover, customers expect faster access to their information, and enterprises must keep up with growing customer expectations and look for ways to leverage new technologies.
So what makes this new world work? The answer shouldn’t come as a surprise. What makes it all work is confidence. Confidence is the essential component if enterprises expect to realize the full potential that these new technologies bring. And confidence comes only when all those in the connected world believe that their information is protected, their interactions are secure, and the risk of harm is minimal.
According to Symantec’s Thompson, building this confidence demands a new approach, as embodied in Security 2.0:
“At its heart is a realization that the battleground for security is no longer just the device — as it used to be in Security 1.0 — but rather it’s shifted to the information and interactions,” Thompson said recently.
Protecting this information and securing these interactions takes more than bolted-on security. It takes integrated products and services that provide a holistic view into an organization’s security posture. It also takes solutions that identify risks early — so that steps can be taken to mitigate them and prevent an attack. And it entails enabling customers to manage their security events — no matter what products they may already have installed.
As a result, Symantec is building an ecosystem of products, services, and partnerships that will help build a safe and secure connected world that enterprises can have confidence in:
- Symantec Global Services provides expertise and insight to help enterprises balance IT risk against the pursuit of increased business returns.
- Symantec has partnered with Accenture to launch a joint global services initiative, the Accenture and Symantec Security Transformation Services. It combines Accenture’s service capabilities, industry expertise, and business process skills with Symantec’s technology, global security intelligence, and security risk management expertise.
- Symantec’s Threat and Vulnerability Management Program is a framework for processing and prioritizing security intelligence.
- Symantec Managed Security Services provide remote, 24x7 monitoring of firewalls, security devices, and intrusion detection systems.
- Early Warning Services use custom alerts, detailed analysis, and mitigation strategies to produce a comprehensive view of network threats.
- The Symantec Enterprise Security Framework helps protect endpoint systems and corporate information from malicious attack, theft, and leakage.
External threats like phishing, pharming, and identity theft are evolving at an accelerating pace. Criminals and malicious users are no longer focused on PCs or networks; instead, they now reach into the depths of the world’s data banks. These disturbing trends are introducing new risks to our most valuable asset — information — as well as our interactions that today span dozens of platforms and hundreds of devices. Clearly, a new approach to protecting information and interactions is required.
Security 2.0, which integrates software, services, and partnerships, represents Symantec’s vision for building confidence in today’s connected world. Its goal: the comprehensive protection of business interactions, critical information, and IT infrastructure.