Tuesday, March 2, 2010

Security 2.0? No, Symantec 2.0? Maybe

Vendors will try anything to get attention, so I suppose one shouldn't be surprised that Symantec keeps pressing forward with a strange term like Security 2.0.

According to CIO Magazine, http://www.cio-today.com/story.xhtml?story_id=1230048NUQOC&nl=5, Symantec chairman and CEO John Thompson laid out his company's Security 2.0 vision, which he said is less about locking down the physical network perimeter and more about protecting digital collaboration and transactions.

Well, ok. But then Thompson went on to say that problem of worms and viruses is largely solved…That's strange – there's a huge divergence between what Symantec’s own threat reports say and what their executive marketing pitch now is. Perhaps Symantec is worried that another vendor will move to the "forefront" of the anti-malware market (this was a pun on Microsoft's upcoming anti-virus offering in mid 2007).

But its dead wrong to say malware is diminishing. In fact, its just changing. While it is true that viruses and worms have less impact than they did at their apex in the early 2000s, the breadth of spyware, Trojan horse programs, spam and web attacks (many targeted, or “low and slow”) has greatly expanded to more than fill the gap, anti-malware solutions remain inadequate, and most organizations still very worried. Also, recent attacks on MySpace and Second Life demonstrate once again that worms and viruses will resurface for each new computing environment.

It would be nice to see Symantec easing off the FUD gas pedal, if they weren’t stepping on the hype pedal with the other foot.

For if Security 2.0 is a takeoff of Web 2.0, that’s not much of a launching pad. Web 2.0 is an ill-defined term that means different things to different people. And as for security, we’ve doing it since the dawn of human civilization. The more we invent, the more things stay the same. So its not as if we should draw a line under everything heretofore and start over with Security 2.0.

Even if there is no Security 2.0, there may be a Symantec 2.0. They are fielding new products and services such as database audit software, data leakage detection, and message content filtering. They later plan archiving tools to categorize and index data from e-mail and instant messaging, and an analysis tool called Discovery Accelerator for administrators to mine archived messages for legal discovery or evidence gathering.

The substance of this is all very interesting, but Symantec might have named it better. Its not Security 2.0, but it is progress.