Symantec gearing up for future cyber security
.jpg)
Symantec is focusing on enabling businesses to secure data in the cloud after a string of acquisitions, but it also has its eye on the future, which will be all about empowering people, says CTO Hugh Thompson.
Enterprise security is important for Symantec, accounting for roughly half its business, and as a growing number of companies switch to cloud-based services, cloud security is high on Symantec’s agenda.
“We have been moving very aggressively towards the cloud, not only in the delivery of our products, but it is also the biggest problem facing our customers,” Symantec’s chief technology officer (CTO), Hugh Thompson, told Computer Weekly.
“Most companies are switching to cloud after they realise that software as service [SaaS] makes far more business sense than renewing traditional software licences.”
According to Thompson, cloud adoption by enterprises has been gaining momentum as companies have weighed up the cost of renewing their Microsoft Office licences against the cost of Office 365.
“And once they put their email and collaboration tools in the cloud, they started thinking about moving internal apps into the cloud too. There was no longer a psychological barrier to taking advantage of the economic benefits of the cloud,” he said.
As a result, Thompson said a lot of Symantec’s customers were in the process of moving applications to the cloud and embracing cloud-based services and infrastructure more than ever before.
“But many organisations are mindful of the security implications and the fact that while none of the old challenges go away by moving to the cloud, there are now some new ones, mainly relating to configuring cloud-based services and storage to ensure only authorised users are able to gain access.”
The challenge that many organisations are grappling with, said Thompson, is how to ensure correct and appropriate governance across their cloud-based services and infrastructure.
“So in the past few years, we have invested in tools that enable organisations to manage cloud applications that are pure SaaS and put rules and governance around them,” he said, adding that these tools – known as cloud access security broker (Casb) technology – have enabled organisations to re-educate themselves about what it means to be secure, now that they have moved into the cloud era.
The security basics around data, identity and policy continue to be extremely important, said Thompson. “But now there are different controls that also need to be in place, and Casb technology – which was initially popular in the US – is now recognised around the world as being very useful in this regard because most SaaS companies have not provided a consistent way to apply policies across all the apps that are used within the business, and this a big problem for organisations around the world.”
As a result of its aggressive acquisition strategy, Thompson said Symantec had moved on from where it was 10 years ago and was now in a position to cater to companies that are looking for best-of-breed products, as well as those looking for a suite of integrated products that can be easily and consistently managed, including best-of-breed endpoint protection, email security, cloud security and network security.
“Symantec has a long heritage in security endpoints and we have invested heavily in that space. Email is another critical attack vector and our email security business is now second only to Proofpoint. In addition to our network and web security products, we have one of the leading Casb products, and so you can have best of breed with best of suite at the same time, without compromising,” he said.
Openness and interoperability
Symantec’s new philosophy is to be “completely” open, said Thompson, and by publishing all the application programming interfaces (APIs) the company uses, it has ensured interoperability not only with all other Symantec products, but also with products from competitors.
This approach of “proactive” integration, he said, was a big cultural change for Symantec – especially in research and development – but it means it is easy for organisations to add best-of-breed products and for other tech developers to develop on top of Symantec technology to enable integrated cyber defence. “It also means that Symantec’s tech will work with, and even potentially improve the effectiveness of, other existing tech investments.”
Symantec’s open philosophy has led to the establishment of its 125-member Technology Integration Partner Program (Tipp) to ensure interoperability with products developed by startups and competitors alike. “This is how the security industry needs to be in the longer term,” said Thompson.
“Attackers can pivot on a dime, so why not have an environment where you can allow people to bring innovation, no matter where it comes from, and then provide the opportunity for engineers from all parties to work together on enabling APIs to work well together,” he said.
Alongside the Tipp, Symantec has launched a venture capital fund to enable Symantec to foster innovation in the very early stages of development and develop close working relationships with startups and help fast-track innovation by providing a basic technology stack on which they can build.
Security technology, said Thompson, has evolved from static rule-based and signature-based policies used to govern the business in a defined perimeter.
“Next we moved into the epoch we are still in – the epoch of analytics and machine learning or trained models, that are aimed at predicting the future and then trying to prevent things, but I believe that the next epoch has to be around human psychology,” he said.
Psychology and anthropology
As a result, Thompson said a growing proportion of people working in Symantec’s Horizon3 labs looking at technology developments in the next three to five years were being drawn from the fields of psychology and anthropology.
“Some of the PhDs we are hiring have zero background in technology because we are seeing incredibly sophisticated attacks against people who are employees of targeted companies, and there is no clear understanding of how to defend against these types of attacks that are exploiting zero-day [vulnerabilities] in people that are actually unfixable,” he said.
People have long exploited these human vulnerabilities on a personal level, said Thompson, but in a digital era, this can now be done remotely and at scale because just about everyone is now knowable from a distance through the data, video and audio available online.
“Already we are seeing highly sophisticated attacks that manipulate employees into transferring company funds into criminal accounts using a phone call that sounds like it is from the company CEO because criminals are using AI [artificial intelligence] to create deep fakes of executives’ voices to issue instructions and respond to questions.”
According to Thompson, attackers only need about 15 minutes of recordings of someone’s voice to be able to create one of these deep fakes. “These recordings can be fairly easily sourced from media interviews and the like, and few people are likely to query an instruction that sounds like it is coming from their CEO or someone else they know and trust,” he said.
Threats like these, he said, require a new type of approach, and Symantec is already researching ways of analysing audio on devices to give call recipients an indication of how likely it is that the caller on the line is human or generated using an AI model.
“We have to empower people, but I am jaded about trying to do it through education because it is too complicated and very few people care, so the goal has to be finding technological ways of getting people to be more attentive and to make better choices by signalling that they may be at heightened risk of manipulation or attack,” said Thompson.
He said the security industry needed to consolidate and that psychology and anthropology would be “critical” to the future of digital safety.
source computerweekly

Latest Jobs
-
- Service Architect- DACH regions
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Service Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the Service/ solutioning effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company area a global managed services business working with enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead Service/ solution design from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. You’ll Need: Experience working as a Service architect, Service Manager or Customer Success Manager R Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical grasp: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Deal Architect- DACH region
- Germany
- Upto €110,000 plus bonus and benefits
-
Lead Deal Architect with the authority and experience to take control of complex, multi-million-euro outsourcing bids. This role is about leading the solutioning/ Service effort, bringing structure to chaos, and driving the entire bid team to deliver winning proposals. The company is a global managed services business providing solutions to enterprise and public sector clients, across Cloud, End-User Computing, Digital Workplace, Service Desk, and Network Infrastructure. What You’ll Do: Lead the deal from qualification to contract. Control bid teams — architects, pricing, delivery, and SMEs. Break down RFPs/RFIs into actionable, costed, client-ready solutions. Present internally and to clients at decision-maker level. Run solution workshops, own the architecture, and shape the financial model. Be responsible for the service Wrap and ensuring the Service meets clients requirements You’ll Need: A back ground with IT Services Experience in a similar type of role, for example: Deal, Service, or Solution Architect in ICT outsourcing. Gravitas to lead and drive teams through high-stakes bids. Deep knowledge of managed services delivery and commercial models. Strong technical knowledge: Cloud, Security, EUC, Unified Comms, Service Desk, and more. Experience leading deals across onshore, offshore, and hybrid delivery models.
-
- Pre Sales Lead- IT Services
- Germany
- Upto €100,000 plus benefits
-
As the Pre-Sales Lead (Sales Engineer/ Solution Architect) you will drive large-scale ICT managed services and outsourcing deals (from €0.5M to €20M+). You'll work directly with Business Development and clients to design high-impact solutions across Cloud (Azure, IaaS, SaaS, PaaS), EUC, Unified Comms, Security (SIEM, PAM), Networks, and Smart Workplaces. What You’ll Do: Lead the end-to-end pre-sales cycle — from RFI/RFP to contract. Design innovative, client-specific solutions with technical & commercial impact. Present at CxO level and steer proposal strategies & financial models. Collaborate closely with Portfolio, Service Desk, Field, and Digital Workplace teams. Support deal shaping with strong knowledge of ITIL, SIAM, Automation, and cost analysis. What You’ll Bring: Have strong experience in pre-sales or solution architecture. Experience with €M+ managed service deals. Deep technical expertise in modern ICT stack and enterprise IT services. Strong German (C1) and English communication skills. Certifications: ITIL v3/v4 required; SIAM, ISO20000 desirable.
-
- Account Manager - IT Services
- Germany
- €90000 plus OTE and Car
-
Are you a deal closer with a hunter mindset? Do you know how to uncover business pain points, and turn them into long-term digital transformation partnerships? Our Client are growing their sales force across Germany and looking for an ambitious, straight-talking Account Manager to take the lead on new client acquisition. You’ll focus on mid-sized to large enterprises across Germany helping to shape their digital future with tailored IT solutions in Workplace, Cloud, and Security. • Drive Growth: Own the full sales cycle for new business across your region. • Solution Sell: Build bespoke offers in Security, Digital Workplace and Cloud solutions • Build Relationships: Establish a solid pipeline through smart prospecting, marketing-driven leads, and your own network. • Represent a brand known for trust, delivery, and tech excellence—with 4,000 employees globally and a growing team within Germany. What You Bring • Proven new logo sales experience in the IT services space (not hardware!) • Deep knowledge in one or more of: Cybersecurity, Digital Workplace, or Cloud • Confidence to lead enterprise deals and pitch directly to senior stakeholders • Fluent German and good English skills Sind Sie ein Abschlussprofi mit Hunter-Mentalität? Wissen Sie, wie man geschäftliche Pain Points identifiziert und in langfristige Partnerschaften zur digitalen Transformation verwandelt? Unser Kunde baut derzeit sein Vertriebsteam in ganz Deutschland aus und sucht eine ambitionierte, ehrliche Persönlichkeit als Account Manager, die den Lead bei der Neukundengewinnung übernimmt. Ihr Fokus liegt auf mittelständischen bis großen Unternehmen in Deutschland, denen Sie mit maßgeschneiderten IT-Lösungen in den Bereichen Workplace, Cloud und Security den Weg in die digitale Zukunft ebnen. Ihre Aufgaben • Wachstum vorantreiben: Verantwortung für den gesamten Vertriebszyklus im Neugeschäft Ihrer Region. • Lösungsorientierter Vertrieb: Entwicklung individueller Angebote in den Bereichen Security, Digital Workplace und Cloud-Lösungen. • Beziehungen aufbauen: Aufbau einer stabilen Pipeline durch gezielte Ansprache, marketinggenerierte Leads und Ihr eigenes Netzwerk. • Marke repräsentieren: Werden Sie Teil eines Unternehmens mit 4.000 Mitarbeitenden weltweit und einem stark wachsenden Team in Deutschland – bekannt für Vertrauen, Verlässlichkeit und technologische Exzellenz. Was Sie mitbringen • Nachgewiesene Erfahrung in der Neukundenakquise im Bereich IT-Services (kein Hardwarevertrieb!) • Fundiertes Wissen in mindestens einem der Bereiche: Cybersecurity, Digital Workplace oder Cloud • Selbstbewusstes Auftreten im Umgang mit Enterprise-Deals und Entscheidungsträgern auf Top-Level • Verhandlungssichere Deutschkenntnisse und gute Englischkenntnisse