Symantec gearing up for future cyber security
.jpg)
Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson.
Enterprise security is important for Symantec, accounting for roughly half its business, and as a growing number of companies switch to cloud-based services, cloud security is high on Symantec’s agenda.
“We have been moving very aggressively towards the cloud, not only in the delivery of our products, but it is also the biggest problem facing our customers,” Symantec’s chief technology officer (CTO), Hugh Thompson, told Computer Weekly.
“Most companies are switching to cloud after they realise that software as service [SaaS] makes far more business sense than renewing traditional software licences.”
According to Thompson, cloud adoption by enterprises has been gaining momentum as companies have weighed up the cost of renewing their Microsoft Office licences against the cost of Office 365.
“And once they put their email and collaboration tools in the cloud, they started thinking about moving internal apps into the cloud too. There was no longer a psychological barrier to taking advantage of the economic benefits of the cloud,” he said.
As a result, Thompson said a lot of Symantec’s customers were in the process of moving applications to the cloud and embracing cloud-based services and infrastructure more than ever before.
“But many organisations are mindful of the security implications and the fact that while none of the old challenges go away by moving to the cloud, there are now some new ones, mainly relating to configuring cloud-based services and storage to ensure only authorised users are able to gain access.”
The challenge that many organisations are grappling with, said Thompson, is how to ensure correct and appropriate governance across their cloud-based services and infrastructure.
“So in the past few years, we have invested in tools that enable organisations to manage cloud applications that are pure SaaS and put rules and governance around them,” he said, adding that these tools – known as cloud access security broker (Casb) technology – have enabled organisations to re-educate themselves about what it means to be secure, now that they have moved into the cloud era.
The security basics around data, identity and policy continue to be extremely important, said Thompson. “But now there are different controls that also need to be in place, and Casb technology – which was initially popular in the US – is now recognised around the world as being very useful in this regard because most SaaS companies have not provided a consistent way to apply policies across all the apps that are used within the business, and this a big problem for organisations around the world.”
As a result of its aggressive acquisition strategy, Thompson said Symantec had moved on from where it was 10 years ago and was now in a position to cater to companies that are looking for best-of-breed products, as well as those looking for a suite of integrated products that can be easily and consistently managed, including best-of-breed endpoint protection, email security, cloud security and network security.
“Symantec has a long heritage in security endpoints and we have invested heavily in that space. Email is another critical attack vector and our email security business is now second only to Proofpoint. In addition to our network and web security products, we have one of the leading Casb products, and so you can have best of breed with best of suite at the same time, without compromising,” he said.
Openness and interoperability
Symantec’s new philosophy is to be “completely” open, said Thompson, and by publishing all the application programming interfaces (APIs) the company uses, it has ensured interoperability not only with all other Symantec products, but also with products from competitors.
This approach of “proactive” integration, he said, was a big cultural change for Symantec – especially in research and development – but it means it is easy for organisations to add best-of-breed products and for other tech developers to develop on top of Symantec technology to enable integrated cyber defence. “It also means that Symantec’s tech will work with, and even potentially improve the effectiveness of, other existing tech investments.”
Symantec’s open philosophy has led to the establishment of its 125-member Technology Integration Partner Program (Tipp) to ensure interoperability with products developed by startups and competitors alike. “This is how the security industry needs to be in the longer term,” said Thompson.
“Attackers can pivot on a dime, so why not have an environment where you can allow people to bring innovation, no matter where it comes from, and then provide the opportunity for engineers from all parties to work together on enabling APIs to work well together,” he said.
Alongside the Tipp, Symantec has launched a venture capital fund to enable Symantec to foster innovation in the very early stages of development and develop close working relationships with startups and help fast-track innovation by providing a basic technology stack on which they can build.
Security technology, said Thompson, has evolved from static rule-based and signature-based policies used to govern the business in a defined perimeter.
“Next we moved into the epoch we are still in – the epoch of analytics and machine learning or trained models, that are aimed at predicting the future and then trying to prevent things, but I believe that the next epoch has to be around human psychology,” he said.
Psychology and anthropology
As a result, Thompson said a growing proportion of people working in Symantec’s Horizon3 labs looking at technology developments in the next three to five years were being drawn from the fields of psychology and anthropology.
“Some of the PhDs we are hiring have zero background in technology because we are seeing incredibly sophisticated attacks against people who are employees of targeted companies, and there is no clear understanding of how to defend against these types of attacks that are exploiting zero-day [vulnerabilities] in people that are actually unfixable,” he said.
People have long exploited these human vulnerabilities on a personal level, said Thompson, but in a digital era, this can now be done remotely and at scale because just about everyone is now knowable from a distance through the data, video and audio available online.
“Already we are seeing highly sophisticated attacks that manipulate employees into transferring company funds into criminal accounts using a phone call that sounds like it is from the company CEO because criminals are using AI [artificial intelligence] to create deep fakes of executives’ voices to issue instructions and respond to questions.”
According to Thompson, attackers only need about 15 minutes of recordings of someone’s voice to be able to create one of these deep fakes. “These recordings can be fairly easily sourced from media interviews and the like, and few people are likely to query an instruction that sounds like it is coming from their CEO or someone else they know and trust,” he said.
Threats like these, he said, require a new type of approach, and Symantec is already researching ways of analysing audio on devices to give call recipients an indication of how likely it is that the caller on the line is human or generated using an AI model.
“We have to empower people, but I am jaded about trying to do it through education because it is too complicated and very few people care, so the goal has to be finding technological ways of getting people to be more attentive and to make better choices by signalling that they may be at heightened risk of manipulation or attack,” said Thompson.
He said the security industry needed to consolidate and that psychology and anthropology would be “critical” to the future of digital safety.
source computerweekly
Industry: Cyber Security
Latest Jobs
-
- Account Director | Cyber Security Consulting | UK - South East
- London
- N/A
-
Account Director | Cyber Security Consulting - Financial Services | UK - South East. New Role due to Growth We are looking for an experienced Account Director to develop and expand existing relationships across the financial services sector, working with investment firms, asset managers, private equity groups and strategic partners to deliver intelligent cyber consulting and a bespoke Cyber product offerings. You will act as a trusted advisor, helping organisations strengthen digital resilience, manage third-party and regulatory risk and adopt a proactive approach to cyber assurance. Key Responsibilities Manage a defined portfolio of financial clients, understanding business priorities and aligning tailored cyber solutions. Drive new client engagement while nurturing existing partnerships through a consultative, long-term approach. Present the benefits of advanced cyber services including threat intelligence, vulnerability management, incident readiness, and continuous risk monitoring. Collaborate with technical and delivery teams to ensure smooth engagement from proposal through to implementation and ongoing support. Prepare proposals, negotiate commercial terms, and clearly articulate value and business outcomes. Build trusted relationships at senior and board level. Ideal Profile Strong background in cybersecurity, consulting, or risk management within financial services. Skilled communicator with proven success managing and growing key accounts. Able to translate complex technical insight into commercial and strategic value for clients. Confident engaging with senior stakeholders and decision makers. Please note: Sponsorship is not available.
-
- SOC Analyst- Level 2- Hybrid Greater London
- London
- N/A
-
SOC Analyst- Level 2- Hybrid Greater London New opportunity created through continued growth. We’re looking for a SOC Analyst (Level 2) to strengthen a growing managed security team. You’ll work hands-on with Microsoft Sentinel and Defender XDR, investigating alerts, responding to incidents, and helping improve how clients stay protected. This role is ideal for someone who enjoys unravelling security events, thinking critically under pressure, and making a real difference day to day. What you’ll do · Investigate and respond to security activity across SIEM and endpoint tools · Analyse network and log data to uncover real threats · Support automation initiatives to streamline response processes · Help maintain visibility, data flow, and performance across SOC platforms What you’ll need · Practical experience using Microsoft Sentinel and Defender XDR · Confident working with KQL or similar query languages · Understanding of attacker tactics and response techniques · SC-200 certifications would be nice. · Experience supporting multiple customer environments Please note: Sponsorship is not available.
-
- Senior SOC Engineer - UK - New role due to growth
- London
- N/A
-
Senior SOC Engineer – New role due to growth We are hiring a Senior SOC Engineer to take the lead across security operations for a growing managed service. You will lead detection, response and onboarding activity across multiple clients, helping shape how the SOC evolves. Expect variety; from fine-tuning alerts and threat hunting to supporting customers and mentoring junior analysts. What you’ll bring · Strong experience across SIEM, EDR, and threat detection tools · Confident working with customers in a managed service environment · Skilled in scripting or query languages such as KQL or PowerShell · Knowledge of frameworks like NIST, ISO27001, MITRE ATT&CK · Calm communicator with a problem-solving mindset · Experience with Azure Lighthouse or delegated access models · Prior involvement in automation or SOC improvement projects Location: South East England- Hybrid role Please note: Sponsorship cannot be offered now or in the future.
-
- SENIOR Cyber Risk Consultant. Cyber Risk consultancy - the right way. UK. Hybrid - Remote first
- United Kingdom
- N/A
-
Senior Cyber Risk Consultant needed. New position due to growth Seeking a passionate Cyber Security Risk Consultant who enjoys helping clients make a different to their business. Dedicated training budgets, Unlimited holiday structured career path, Work life balance guaranteed Cyber Risk consultancy done the right way. A successful individual will have experience working with clients to identify business cyber security risk. This is a remote first opportunity which means you will spend the majority of your time working remotely. You will however spend some time meeting clients as well as meeting up with the team on a monthly basis.. Some of the nice to have certifications. CRISC, ISO27001 Lead implementer, CISA, CISM, CISSP Unable to offer Visa sponsorship now or in the future.