Symantec leaves Cold War bunker

Symantec has moved its real-time security analysis operations out of a Cold War bunker and into less glamorous but more practical offices in Reading in the Thames valley.

Although the bunker was good publicity, as well as being extremely secure, John Brigden, senior VP of Symantec EMEA, said the move of the security operations centre had allowed a fresh upgrade of the facilities and brought all of Symantec's UK operations to its campus in Green Park, Reading, where it will be able to cope with the company's rapid growth.

"We have a lot of intelligence in our global security centres," he said. "We collect information from over 40 000 sensors worldwide in 180 countries. Symantec looks at 35% of the world's e-mail traffic as it moves around on a daily basis, and uses an army of analysts to look at security information in real-time."

At the new centre, teams of security experts monitor network and e-mail traffic for malicious activity in real-time. Over one billion daily events on customer networks can be pared down to several thousand by intelligent analysis tools, but from there it takes human expertise to separate the false positives from the real problems.

Symantec, which offers 10-minute response times to its corporate customers in case of trouble, says customers need to be able to reduce costs and drive performance in security, despite disturbing trends in the threat landscape.

"Fifty-nine percent of all e-mail traffic in the world is spam, and we find one in 147 of those spam mails contain malicious code," says Art Wong, senior VP of Symantec's managed security services division. "Real-time analysis of malicious code and network events allows us to understand the threats so we can protect our customers better."

He said Symantec's managed security services division is booming because companies are struggling with the cost and complexity of security issues while trying to achieve compliance. Wong also confirmed that hacking for mischievous purposes has been replaced by hacking for financial gain.

Hackers are much more likely to go for login details, credit card numbers, blueprints and confidential documents. And the days of global nuisance viruses are rapidly being replaced by individualised attacks, he said.

Rob Martin, manager of BP's digital security services, said malicious e-mails were becoming far more targeted.

"The new incidents will not be a few Melissa-type e-mails inconveniencing us all, but rather many more e-mails targeted at a few select people," said Martin. He detailed an incident in which an e-mail sent by suspected organised criminals was carefully targeted to a handful of senior BP executives to try and extract confidential information.