Video Screencast Help
Symantec to Separate Into Two Focused, Industry-Leading Technology Companies. Learn more.
Symantec Analyst Relations
Showing posts tagged with Security
Showing posts in English
Sian John | 02 Jan 2014 | 0 comments

Based on discussions we are having across our customer base, we know that the Internet of Things (IoT) is a growing phenomenon. It’s not particularly new - after all, organisations have been monitoring the state of their buildings and equipment, and managing where things are in the supply chain, for many years now. What’s changing is the range and scale of physical objects that we’re starting to see connected, from air conditioning units to office doors. 

From our perspective of course, we are very interested in what this means in security terms. So, should organisations allow increasing numbers of devices and objects to connect to the Internet, or block all attempts to do so? From our perspective, the answer lies in being aware of the risks of doing so, and acting accordingly. 

As a starting point, we believe the challenges lie in misusing what is likely to mean a major new entry point to the organisation. We already have a major...

Carey Nachenberg | 21 Nov 2013 | 0 comments

This blog will discuss a vision for ‘to-be state’ of enterprise security and targeted attack protection, and is the last part of this blog series.

In my last blog, I detailed the first step toward achieving our vision for enterprise security. To summarize, I proposed that we need to update our existing security products so they generate a steady flow of security-relevant telemetry (e.g., every login, failed or not, between every machine in the enterprise, metadata for every inbound email, every connection through the firewall, etc.) – even when that telemetry doesn’t appear directly related to an in-progress attack at the time it’s collected. This telemetry will be used in two...

Symantec Analyst Relations | 01 Oct 2013 | 0 comments

This Blog was originally posted in Security Response

The ZeroAccess botnet is one of the largest known botnets in existence today with a population upwards of 1.9 million computers, on any given day, as observed by Symantec in August 2013. A key feature of the ZeroAccess botnet is its use of a peer-to-peer (P2P) command-and-control (C&C) communications architecture, which gives the botnet a high degree of availability and redundancy. Since no central C&C server exists, you cannot simply disable a set of attacker servers to neuter the botnet. Whenever a computer becomes infected with ZeroAccess, it first reaches out to a number of its peers to exchange details about other peers in its known P2P network. This way, bots become aware of other peers and can propagate instructions and files throughout...

GregDay-SecurityCTO | 08 Mar 2013 | 0 comments

The Internet of Things (IoT) took another step forward, as standardisation body OASIS formed a committee to enable the adoption of Messaging Queue Telemetry Transport (MQTT) for machine to machine (M2M) communications. 

MQTT is a small-footprint messaging protocol designed to enable low-power devices to exchange information. Such standards matter as they accelerate technology creation and adoption, by reducing development costs and increasing interoperability. In layperson's terms, the easier it is for devices to talk to each other, the more they will do it.

IoT is very interesting to us at Symantec, most importantly because it will have a dramatic impact on the way we all use technology. The EU's Neelie Kroes suggested that up to 50 billion devices could be connected to the Internet by 2020, from pallets to fridges. Indeed, the number of '...

GregDay-SecurityCTO | 10 Dec 2012 | 0 comments

IT Security is, at its core, just another kind of risk management. The principles are straightforward to explain – identify the risks, their probability and impact, then work out suitable mitigation strategies to reduce one or the other. 

So, how hard can it be to 'deliver' IT security - that is, to make an organisation's IT environment secure? Very hard, is the answer, when we consider just how far technology has come since such principles were first documented. The main challenge can be to identify the risks in the first place, against a background of constant evolution and sudden change.

And it's not going to get any easier given that threats come from an increasing variety of places. Let's summarise - mobile devices and networks; cloud-based applications, services and infrastructure; social networks and online collaboration tools; email and documents; virtualised...

Symantec Analyst Relations | 28 Nov 2012 | 0 comments

by John Brigden, SVP EMEA

This blog was originally posted in Information Unleashed.

Imagine half the value of your business being buried out of sight; or that value residing on the devices your employees took home at night, possibly to be lost or damaged. It’s a sobering thought—and one that’s all too real in today’s digital world.

According to the Symantec 2012 State of Information Report, almost half (46 percent) of an organisation’s information is being stored outside of its own data centre on devices beyond the corporate firewall. That could be anything from confidential customer information and sales opportunities, to crucial emails and financial reports. This ‘information sprawl’ is like setting a match to your business.

In the report, information sprawl was identified as the culprit in more than one-...

Symantec Analyst Relations | 22 Oct 2012 | 0 comments

By Johnny Karam, Regional Director Middle East

This blog was originally posted in Security Community Blog.

It is day three of GITEX and I’ve been talking from morning to night with CIOs, IT executives and partners. But I’m not tired...I’m actually energised. Energised because now more than ever before I am seeing how Symantec is an integral piece of the puzzle at the heart of Middle East organizations – and that is exciting!

In making the rounds at this premiere IT event for the Middle East, one of the resounding subjects in every discussion has been cyber security threats. The recent blaze of high profile attacks in the region has brought to life the growing concern and deeper awareness of the threats that organisations are facing today and how to protect their information and minimize the risks from undue...

GregDay-SecurityCTO | 22 Aug 2012 | 0 comments

There is often talk of the growth in mobile threats and, in 2011, we saw significant growth, in terms of volume as a percentage. Yet, as a total of the numbers involved, these were still relatively small – in the thousands, rather than hundreds of millions that unleashed themselves on the PC last year.

At the same time, we did see far greater innovation in the nature of mobile threats, with attackers focusing in on finding vulnerabilities to exploit, such as the botnet concept, as well as where money can be made and information stolen through smart devices.

So what is the right way to manage that threat and soften its impact?

Let me start by looking at process – and please bear with me as I do. In the past 10 years, the cost of a laptop computer has plunged by a massive 90%, while already it’s...

GregDay-SecurityCTO | 10 Jul 2012 | 0 comments

Attacks by viruses, trojans and other malware have often been considered as a Microsoft problem. Whilst Microsoft may have initially been slow to realise the significance and impact of malware, with  Windows XP Service Pack 2 and Microsoft’s Trustworthy Computing initiative, led by a former FBI agent, that the company started to get on top of the challenge.

Despite what the anti-Redmond crowd have blogged over the years, however, hackers didn’t target Microsoft products exclusively because they were insecure, or because the people involved had some ideological death-wish on the company. No – they did it because Microsoft was the most used end-point device environment in the world. Bill Gates’ “Windows Everywhere” ambition, once realised, made it the most obvious of all targets.

When times change, however, they don’t necessarily follow the script. In the personal computer era, the debate was about whether Linux (and more...

Symantec Analyst Relations | 25 Jun 2012 | 0 comments

By Patricia Titus, Vice President and Chief Information Security Officer

This blog was originally posted in Information Unleashed: The Official Voice of Symantec

Security leaders have come a long way, from backroom IT gurus to earning a seat at the executive table. Today, boardroom discussions increasingly focus on security threats and risk management and CISOs are being asked by the CEO “How secure is our online e-commerce site?” or “Are we at risk of being attacked by hackers?”

As a security leader, your answer to these questions can determine whether you get the resources and support needed to manage the risks to your organization. Therefore, the ability to answer these kinds of questions in a way that resonates with business executives is critical.

To do this, you cannot rely on the technical dashboards of IT GRC solutions past. While...