The shield

Since its founding in 1982, Symantec has grown to become one of the world’s leading IT security businesses, operating in 200 countries across the globe. Originally a creator of development tools, its acquisitive nature and a strategy that emphasises quality has seen Symantec develop in to a multi-national company with a broad portfolio.

As the PC reaches an ever-growing segment of the consumer population, the security industry has been presented with a change in the threat presented by malware. While the traditional image of a hacker has been that of isolated individuals seeking to make a name for themselves online, the modern threat focuses on identity theft and the money that can be made from selling personal data.

"The older generation of PC users learnt the ropes as they went along," says Symantec’s vice president of consumer sales for EMEA, Lee Sharrocks. "The younger generation has been using computers since day one; they grew up using these machines. They’re far more tech savvy but at the same time can be extremely complacent about security.

"This is unfortunate, because threats have become far more sophisticated and stealthy than ever before. The emphasis is on stealing personal data and doing so without being detected. The challenge for us now is to tackle attitudes to security and people’s perception of it."

With 27 years of experience under its belt, Symantec is in a very good position to highlight how threats have changed over the years.

"Traditional forms of attack, like viruses and trojans, are still out there," continues Sharrocks. "We see a far more refined approach being used, such as drive by downloads, and our security software has had to evolve to meet these challenges."

Sharrocks is keen to highlight the way that the software has changed to meet the more subtle nature of identity theft and phishing scams.

"We’ve gone from simply providing an antivirus scan to a full security suite like Norton 360," says Sharrocks. "We’re aware that if you just cover one aspect of security then you’re still leaving all the other doors open. The challenge is to cover existing threats and to anticipate future ones, so our products have become faster, lighter and more intelligent. We’ve had a huge leap forward in terms of definitions and can now offer up to the minute protection to our customers."

Offering fast and efficient protection is a key emphasis for Symantec. In today’s fast paced world, a minor threat can become a major incident very quickly, and Symantec is committed to spotting these problems before they can proliferate.

"We have a 24/7 security response centre that monitors feedback from the 240,000 local monitors in 200 countries across the globe," continues Sharrocks. "These centres monitor traffic trends, allowing us to see the issues as they happen and giving us a chance to identify the specific nature of the threat.

"It’s becoming more and more important for us to do this, as we’re finding that a great deal of our feedback and analysis centres around what we call the underground economy. Software writers develop the malware and sell it to people who then use it to extract personal details. Criminals can then obtain these personal details, which are sold by the kilobyte for pennies.

"It’s very sophisticated, very hard to track and the people who are doing it are getting fairly significant criminal gains. We don’t just track the data, where possible we do work with the relevant authorities to make sure these people are apprehended."

Despite having a strong reputation in the security sector, only a third of Symantec’s revenues are generated by sales of security software. Since its acquisition of remote data backup firm Swap Drive, Symantec now hosts over 30 petabytes of secure data, with over seven million active users.

"This is an ongoing concern for us," adds Sharrocks. "With PCs and mobile devices becoming more integrated, remote access will be more prevalent and the data must be safe and secure."

The future of data protection and security is something that Symantec is keeping a close eye on and Sharrocks is aware that a recession is a good time for the company to position itself for the coming years.

"I think it’s fair to say that a few years ago, our products fell short of what we expected," says Sharrocks. "We’ve spent the last two years redeveloping our portfolio and our products for 2009 are far faster and have a smaller footprint than any rival software. We’re due another release around September, which is going to put us even further ahead of our rivals, many of whom are slowing down and stalling at the moment.

"I think that over the course of the next year, we’ll see a shakeout of the vendors, some are likely to fail, other will probably be acquired. As a business, Symantec is in a very strong position – our consumer division is larger than McAfee – so expect us to continue to develop great products and make good acquisitions."

THE THREAT: KEY FINDINGS FROM SYMANTEC’S ANNUAL SECURITY REPORT

• Of all the vulnerabilities identified in 2008, 63 per cent affected web applications, up from 59 per cent a year ago

• Six of the top 10 countries where web-based attacks were prominent were from the EMEA region – these countries accounted for 45 per cent of the worldwide total, more than any other region

• Spain was the top-ranked country in EMEA for bot infections in 2008, with 15 per cent of the total

• In 2008, 78 per cent of threats targeting confidential information exported user data, up from 74 per cent in 2007

• Russia was the top country for bot command-and-control servers in EMEA, with 20 per cent of the regional total

• Over the past year, Symantec observed a 192 per cent increase in spam detected across the internet as a whole.

• In 2008, Symantec detected 55,389 phishing website hosts, an increase of 66 per cent over 2007, when Symantec detected 33,428 phishing hosts