An IT security software firm goes back to basics

(This story was originally published on September 11)

IT security software firm Symantec is going through a major transition having announced last month it will sell its struggling Veritas storage business to the Carlyle Group. The company intends to refocus on its original business of end-point IT security.

But that is not enough these days. The threats have become more sophisticated in recent years and new genres of attacks have emerged like ransomware, malvertising and Advanced Persistent Threats (APTs).

Any security company worth its salt now has to have solutions that can identify malware that got past the perimeter fence and be able to deal with it quickly. And there is more competition with companies like Cisco Systems and Intel Security moving into that space, as well as traditional players like Kaspersky.

On a recent visit to Santiago, Chile, BNamericas spoke to Piero de Paoli, Symantec's VP of Global Product Marketing, and asked him about how the company plans to address these new threats and fight its way back into the market.

BNamericas: Symantec is going through a transition having sold off Veritas. It looks like it is getting back to basics, protecting the perimeter.

De Paoli: We're now in the tail end of our separation. We've been planning this for almost a year, and now it's back to basics. That will allow us to become a focused security company. Our Norton division will continue to help consumers and the focus is on enterprise security, with all the changes in the threat landscape.

BNamericas: Security is all over the headlines today. There are opportunities, but also a lot of competition.

De Paoli: I agree, it's a good time to be in security and Symantec is in a good position because of our market penetration in some of the key areas. In end-point protection, we're still number one. We're number one in e-mail security, which is still the main threat factor with the likes of phishing attacks. We're also a leader in data loss prevention. And we're investing in emerging areas like cyber security, security monitoring and helping companies train staff. We have a simulation service, so rather than learning how to protect yourself from a book or a course, this does it live in an almost real environment.

BNamericas: A lot of security breaches happen for simple reasons and it comes down to education.

De Paoli: Yes, education is fundamental. Think twice before you click on a link. Is this a legitimate e-mail? But also making sure the security professionals are up to speed with the most relevant information to protect their company.

We see a lot more targeted attacks. They know what they want and they know who they want to attack. Our internet security threat report shows personal assistants are among the most attacked people inside a company because they often have the same access privileges as the CEO, but are not as careful with that information.

BNamericas: Attacks have evolved a lot. With Advanced Persistent Threats you often don't know your security has been breached for weeks or months. Many industry observers say that no perimeter protection is 100% secure and you need to also take measures to monitor from the inside and quickly identify malicious attacks. Will Symantec continue to focus mainly on the perimeter or address APTs too?

De Paoli: A bit of both. First of all, you have to attempt to block as much as you can so you have fewer things to chase. But once a threat gets inside an organization, the next step in the evolution of the security market is how do you detect it, contain it and then quickly respond to it. That's one of the next areas of focus for the company.

We launched an APT product in February. It's definitely an emerging space because of things like the car hacks.

BNamericas: The Internet of Things opens up new opportunities for hackers. What are you doing to address that?

De Paoli: We have products that help in that area. The first is the embedded security, critical system protection, which is a very lightweight agent. Because most of these IoT devices don't have the processing power of a server or a laptop, this is designed to set policies to block everything and only allow specific things to run based on whatever the organization wants to set up for that device.

BNamericas: How is the macro-economic environment impacting your business?

De Paoli: It's affecting everybody. But I think that has put security top of mind. It used to be a conversation the IT guys had. Now it is a conversation that happens in the board room. No one wants to be the next company that is in the news for that.