Recent Activities

Symantec Testifies Before U.S. Congress in Opposition to Wassenaar Arrangement Cybersecurity Export Controls

January 12, 2016

On January 12, 2016, Vice President of Global Government Affairs and Cybersecurity Policy Cheri McGuire testified before the U.S. House of Representatives at a rare joint hearing of the Homeland Security Committee and the Oversight and Government Reform Committee. The hearing was titled: Wassenaar – Cybersecurity & Export Control. Given the serious consequences this new international export control could have on global cybersecurity, it was no surprise that the hearing room was at overflow capacity. In addition to Symantec, there were an unprecedented eight witnesses testifying – including executives from the U.S. Departments of State, Commerce, and Homeland Security, and Microsoft, VMWare and the Information Technology Industry Council. Symantec and industry colleagues expressed strong opposition to the international Wassenaar cybersecurity export control, and urged the U.S. Government to renegotiate and narrow the definition at the upcoming annual meeting of Wassenaar nations.

The hearing, led by Subcommittee Chairs John Ratcliffe (R-TX) and Will Hurd (R-TX), along with Ranking Members Cedric Richmond (D-LA) and Robin Kelly (D-IL) focused on the detrimental economic and national security impacts of this new regulation. At the hearing, and in a rare showing of bipartisanship, every single Member of the Committees was sympathetic to our arguments that the regulation would harm cybersecurity.

In addition, at our urging, Congress has taken other actions including a bipartisan group of 125 Representatives sent a letter to President Obama’s National Security Advisor urging the Administration to send the export control rule back to Wassenaar to be renegotiated or heavily revised. We appreciate and support the U.S. Government’s proposal to eliminate controls on technology at the upcoming Wassenaar meeting. The hardware and software controls also should be eliminated as they would continue to hinder the ability of global companies to fully protect their own networks and customers and to stay ahead of future threats.

Symantec Testifies Before Congress on Cybersecurity Best Practices for the Government

January 8, 2016

On January 8, 2016, Ken Schneider, Engineering Fellow and Vice President for Technology, testified before the U.S. House of Representatives Committee on Science, Space, and Technology at a hearing titled: Cyber Security - What the Federal Government Can Learn from the Private Sector. Testifying with Ken Schneider was Telos Corporation, VMWare, and the Internet Security Alliance.

Ken's testimony opened with an overview of the current threat environment and went on to discuss Symantec's approach to enterprise security. He then used our Unified Security Strategy and the National Institute of Standards and Technology (NIST) Cybersecurity Framework to highlight numerous Symantec product and service offerings, including:

  • Data Center Security (DCS)
  • Data Loss Prevention (DLP)
  • Symantec Endpoint Protection (SEP)
  • Managed Security Services (MSS)
  • Critical System Protection (CSP)
  • Cyber Security Services (CSS)

Ken also emphasized our internal security planning and exercise programs, and wrapped up by showcasing our recent public-private partnership successes with law enforcement, including the Gameover Zeus, Cryptolocker, and Ramnit botnet takedowns.

Vice President Cheri McGuire Discusses the Importance of IoT and Protecting Sensitive Data

November 16, 2015

Now is the right time to address the security gaps in the Internet of Things according to Cheri McGuire, Symantec’s Vice President of Global Government Affairs and Cybersecurity Policy. In an interview with the Indian Express, McGuire went on to note that there are numerous devices and applications being released and it is important to “ensure security and privacy are built in before [IoT] becomes ubiquitous like the Internet.” McGuire believes that it is easier and more efficient to build security technology into devices during the engineering phases instead of waiting until the device is released to the public.

McGuire also emphasized that insider threat protection is important, particularly after the Snowden revelations. Organizations have to be aware of “who has access to what data, keep logs, tag data to see if something is moving around.” People do not put a flash drive in the computer anymore, instead; individuals use wireless systems to transmit information. McGuire stated “that it does not matter which platform or device, as in the end it is about the data…and how the data is protected.”

Symantec is already the global leader in protecting IoT devices with more than a billion secured. And with IoT devices expected to top 25 billion by 2020, Symantec is leading the effort to protect consumers from hacks against their always-on, Internet connected devices. Symantec’s Internet of Things Reference Architecture provides a good starting point for securing the IoT.