Almost a billion websites exist today, yet only about three percent of those sites are encrypted, which means cybercriminals are able to make a good living off of vulnerable sites.
We’d like to see 100 percent of legitimate websites secured by 2018. It’s a challenge we’re putting toward the security industry. To help achieve the goal, Symantec recently launched Encryption Everywhere, a freemium website security package that lets web hosting providers integrate encryption technology into every website from the moment it's created. It's an innovative approach to pricing. Through Encryption Everywhere, providers can offer free basic encryption to all users, and then offer upgrades and premium security packages. It’s time to change the game as an industry.
But change requires innovation. Innovation is something we must constantly bring to the table, whether dealing with new products, customer offerings, business models, or processes. Without continual momentum, we become stale. And if we become stale, then the security industry is in trouble. We need to collectively innovate to move our industry forward.
According to the 2016 Symantec Internet Threat Report Vol. 21, more than three quarters of websites scanned contained unpatched vulnerabilities—one in seven (15 percent) of which were deemed critical in 2015. This puts all of us at risk. To encrypt these websites, it’s up to us, the security industry, to innovate the technology. However, we need to first take a breath, step back, and look at what we’re trying to solve for our customers. I’d like to share my insights on innovation, challenges facing the industry and customers, and some best practices.
Challenges Faced
In my experience, the main challenge is how to balance the appropriate care for a business unit with the willingness to take risks. How do you move forward with technology without disrupting revenue? Many companies recognize this dilemma and attempt a few cursory steps towards “innovation." However, they do so in such small increments, results never materialize. The fear of trying new things causes immobility and stagnation. Then, you’re back to becoming obsolete while cyber threats increase.
On the customer side, security products can be complex; that’s why many hosting providers don’t include it in their offerings. If it is included, it’s fragmented and limited to a subject of what they can offer. Innovation gives us the opportunity to solve problems for the customer. As an example, with Symantec Encryption Everywhere, we’ve made it easy for web hosting providers to integrate, sell, and manage a full suite of security solutions mapped to their business. And this is all done with a single platform.
Innovation Best Practices
When approaching innovation, we need to simplify everything for our customer. As security leaders, we need to develop new technology that, at its core, is easy to comprehend and use. If not, adoption will suffer.
Here are a few innovation best practices:
- Ability to pilot—The digital world moves fast, so we need to pilot changes, make adjustments, and then act quickly. We need to constantly innovate.
- Look at the problem holistically—We need to take a step back and look at the entire problem. What are we trying to solve? Who can disrupt us (who or what can break us)?
- Learn from other industries—We need to gather broad information from different industries to see how they approach innovation. What’s working for them? What risks are they taking? This can put us all in a different frame of mind.
- Partner with innovative thinkers—Collective innovation means teaming up with other organizations that have a similar mindset for constant innovation. As an example, Symantec recently acquired Blue Coat—and we are excited about combining our strengths for some very strong offerings. As our Symantec CEO Greg Clark says, “While the opportunity ahead for us is vast, to seize it, we must apply rigor, move faster and continue to transform.”
- Take sizeable steps at a healthy pace—Have discussions independently about milestones to be met and timing. Review these at monthly deep-dives to gauge progress. When revisiting new ideas, understand if the idea was bad or if the approach was mistaken. Make the correct course adjustment or decide to stop investing if it’s still not working.
Innovating for the Future
I’m looking forward to the opportunities to further innovate. If you don’t innovate, you become irrelevant. Just this August, Symantec finalized the acquisition of Blue Coat. Combining our technological strengths with Blue Coat allows us to help our customers better protect themselves and to make sure that what’s encrypted is not bad or nefarious.
Predicting the future is difficult, but it’s safe to assume there will be a growing number of things being digitized. Do the creators of connected Internet of Things (IoT) devices know about vulnerabilities? What is our role as security leaders within this growing digitized world? How do we help secure all this? What problems are we solving for our customers? These are all questions we must continually ask ourselves. Innovation often requires constant adaptation, if not re-inventing. When we come together as an industry, we can collectively innovate to help secure our shared, future horizons.
Looking more insights? Be sure to follow read Roxane Divol's other Connect posts and follow her @rdivol