Security vendors are increasingly being called on to help prevent industrial espionage and curb the damage wrought on company systems by malicious or greedy staff, says Symantec director of EMEA product marketing Matthew Lodge. "People are now the perimeter of your business."
Disgruntled staff and those in a financial pinch have come to realise the value of company information, and have been selling it to competitors and others, he says.
Lodge was speaking on the fringes of a Symantec partners' gathering at the Wanderers Club, in Johannesburg. "They are still a minority, absolutely, but their actions can be very damaging to a company - and they get into the news."
He cites the ongoing controversy in the Formula One racing world surrounding a former Ferrari employee who may have passed hundreds of pages of confidential data to a McLaren staffer. To prevent a similar incident, Renault's F1 team uses Symantec technology to monitor outgoing e-mails and control data devices such as USB memory sticks.
Lodge says studies have come to different conclusions on what percentage of staff is untrustworthy. One industry report based on customer input found 5%, he says, but Symantec research suggests up to 10%.
Innovative attacks
The growing internal threat is one of several future trends identified by Lodge. Others are:
* Continued growth in the for-profit motive in the malware arena;
* Convergence between security and data management; and
* More integrated security products.
On the malware front, polymorphic viruses remain in the ascendant. The way malware is deployed is also becoming more refined, with targeting and attacks becoming more focused. "There is a lot of innovation in this market. The more targeted an attack, the more effective it can be. It shows the financial incentive in this business."
Regarding the third trend, Lodge says storage and legal concerns force companies to take greater stock of what data they have - and where: "The question here is what type of data is it and how do we treat it?"
The last trend has seen the major vendors, such as Symantec, consolidate its market position. Lodge says the cost of multiple security offerings and the complexity of managing them has become the bane of computers users, who are mostly neither IT experts nor want to be bothered with the details. "The cost of securing computers has become a significant part of the cost of the system. That can't be right," he says. The value for customers now lies in new products that integrate previous offerings into a single dashboard view.
He discounts that this product consolidation and integration will squeeze out the small players. There are always new threats and other ways of dealing with threats coming along, which will keep the window open for niche businesses, he concludes.
Related stories:
GSSC downplays system crash
Instant messaging spells doom
Updated virus protection is vital
Spammers are changing tack
Malware targets bloggers
Share