Great news hot off the press! Symantec certifications placed #3 and #9 of the top security certifications by salary, according to the recent Certification Magazine 2015 IT security salary survey. Here are a couple highlights from the article:

“Recent estimates project that, by 2019, there will be more than 1.5 million unfilled IT security jobs worldwide.”

“Certification offers a nice double benefit here: Rapid and comprehensive training for aspiring security professionals, and reassurance for hiring managers who want to pay a lot of money to the right person, with the right skills and knowledge.”

What’s also interesting about Symantec’s standing in the certification industry is that our primary competitors are vendor-neutral, product-agnostic companies who only specialize in IT security training and certification. As I socialize a proposed strategy to transform the value of Symantec’s certification program, some folks have asked: How will we or why would we compete with the vendor-neutral IT security certification companies such as ISACA, (ISC)², GIAC, and CompTIA? This survey highlights one reason why we should compete with those companies – people value the Symantec Certification brand as the largest IT cyber security company in the world; and, they are getting higher salaries as a result of branding themselves as Symantec Certified.

Related to the above, I recently met separately with two Symantec Trusted Advisors and asked them: Why get Symantec certified when there are so many other reputable vendor-neutral IT security certifications? They both explained that the vendor-neutral security certifications are more theoretical; and, while they might be complimentary for their careers, they don’t prove they have the knowledge and skill or even the correct product-specific language to do a job. In fact, one of the advisors explained how a customer might require them to take additional Symantec product training to prove they can apply their product knowledge to their organization. Both advisors emphasized that Symantec certification requires real-world experience. One further explained that his past two companies needed re-architecture and that “being Symantec Certified pulled more weight with the customer”. He went on to explain that those customers needed specific help and expertise for their Symantec product environments. “Being Symantec Certified opened more doors.”

My ask is for you to help spread this wonderful news with pride and help contribute to the overall Symantec brand. Want to take it step further? List Symantec Certification as a desirable or required requirement on technical job requisitions.

Thanks to all those who are Symantec Certified and who support the program!

On this Thanksgiving holiday we are incredibly thankful for our employees, customers, and partners. The Symantec Corporate Responsibility team wishes you and your families a bountiful holiday season!

I wanted to share with you about the most powerful tools that all IT peeps need to be aware of. It can help you to troubleshoot. It can help you to find what files are being written to the hard drive. It also can help you to monitor what is happening in the background.

And what are these tools?

They are Sysinternals!

A handful of small applications that will make your lives & jobs a LOT easier. Be the Geek of the department. (or something like that)

The best thing about these tools, do you know what it is? It's FREEWARE!

My favourite are:

* AdExplorer - Active Directory Explorer is an advanced Active Directory (AD) viewer and editor.
* BgInfo - Fully-configurable program automatically generates desktop backgrounds that include important information about the system (IP addresses, computer name, network adapters, etc)
* DiskMon - Utility captures all hard disk activity or acts like a software disk activity light in your system tray.
* SysMon - Monitors and reports key system activity via the Windows event log.

And the best ones that I use most of the time...

* Process Explorer - Find out what files, registry keys and other objects processes have open, which DLLs they have loaded, and more. This uniquely powerful utility will even show you who owns each process.
* Process Monitor - Monitor file system, Registry, process, thread and DLL activity in real-time.

You can download one of them from Microsoft Sysinternals website - https://technet.microsoft.com/en-gb/sysinternals/bb545027

Or download the whole thing - Sysinternals Suite - https://technet.microsoft.com/en-gb/sysinternals/bb842062

So what tools do you use to troubleshoot? Do share!

オンラインセキュリティをめぐる消費者のマインドセットについて、ノートンによる理解を深めるために、シマンテックはオンライン犯罪の現状と、消費者に及ぶ影響を分析する調査を実施しました。「Norton Cybersecurity Insights Report（ノートン サイバーセキュリティインサイトレポート）」は、以下のような内容になっています。

• サイバー犯罪が引き起こす感情的な代価を明らかにする。
• どの国が最も攻撃を受けやすいかを突き止める。
• オンライン犯罪に関する経験と認識について、世代間差を調べる。
 

• セキュリティの感情的な観点を明らかにする。

「Norton Cybersecurity Insights Report」では、全世界 17 の市場について、モバイルデバイスを 1 台以上所有している 18 歳以上の成人 17,000 人を対象にアンケート調査を行いましたが、その結果は驚くべきものでした。完全版レポート（英語）はこちらからダウンロードできるので、詳しい結果もご覧いただけますが、企業に役立つ主な発見をいくつか、ここでもご紹介しておきます。

• 過去 1 年間で、オンライン犯罪の被害を受けたことがある人は、593,752,900 人に達している。
• ニュースになるほど顕著なデータ侵害は後を絶たないにもかかわらず、適切に自分の身を守るために必要な対策をとっていない消費者も多い。安全なパスワードを「常に」使っている消費者は半数未満である。
• なりすまし犯罪の可能性は以前より高くなったと 61% が考えている。

オンライン犯罪によるユーザーへの被害を企業が考慮すべき理由

米国では、責任のなすり合いをしません。オンラインセキュリティは個人と取引先企業との共同責任であると考える人が 10 人中 8 人に達しています。

 1. 消費者は、企業における情報保管の安全性を全面的には信頼していない。

• 米国で、クレジット情報やオンラインバンキング情報をクラウドに保存するのは、シートベルトを着用しないことより危険であると考える消費者は、半数をわずかに超える（51%）程度である。
• 10 人中 8 人近く（78%）が、クレジット情報は財布からよりもオンラインで、または小売店のシステムを通じて盗み出される確率のほうが高いと考えている。

2. 消費者は、データ漏えいが起きた後の結果に対処したくないと考えている。

• デビットカードやクレジットカードの取り消しを処理するくらいなら、友人とのディナーをキャンセルするほうがいい。そう考えるユーザーが 51% に達する。

• セキュリティ侵害後のカスタマサービスに対応するくらいなら、デートが台無しになったほうがいい。そう考えるユーザーが 46%。

• ID 情報の盗難に対処するほうが、飛行機で泣きやまない子どもの隣に座るよりストレスが大きい。そう考える人が 31%。

3. 時は金なり。時間を浪費するのは、同じくらい苛立たしいもです。

• 米国の消費者は、オンライン犯罪による影響への対処に 1 日以上（平均 17 時間）を費やしている。

• オンライン犯罪の被害者のうち 41% は、オンライン犯罪を経験した後で「激しく怒っ」ている。

請求書の決済、購買、取引など事業のかなりの部分はオンラインで行われているため、財務情報の漏えいによる影響に対処するのは、むやみに大変です。サイバーセキュリティは二重のプロセスです。消費者にできるのは、個人を特定できる情報を保護することくらいです。今回のレポートで明らかになったように、取引先の企業にも責任の一端はあるとユーザーは考えています。

【参考訳】

Register to attend Veritas Enablement Update here: http://bit.ly/1l7gXXX

Join us on 9th December at 14:00 GMT to explore the latest enablement campaigns and resources to help you:

Explore your Opportunity 

Enable your Capability 

Empower your Performance 

We look forward to helping you engage, enable & grow your Information Management business in partnership with Veritas.

Suggested Tweet:
#VtasPart register at http://bit.ly/1NKYxn2 for 9-DEC Enablement Update Webinar to Explore, Enable & Empower Success with @veritastechllc.

“Climate change is one of the great challenges of our time, and the time for meaningful action on a global scale is now. At Symantec we believe moving to a low carbon economy requires innovation and cooperation. We hope others will join us in this important mission.”  - Michael A. Brown, Symantec President and CEO

This week marks the beginning of the COP21– the 21st Conference of the Parties – where leaders from 150 nations have gathered in Paris, along with 40,000 delegates from 195 countries, to address climate change on a global political level. Since the 1992 Earth Summit in Rio de Janeiro, global conferences of this nature have taken place on an annual basis. Why is this conference so important? While climate negotiations have been happening for over the past twenty years, this year the expected outcome of the 2015 Paris Climate Conference is anew international agreement on climate change, applicable to all, to keep global warming below 2°C. This means establishing greenhouse gas reductions on a global scale.

Symantec supports and encourages efforts globally to pursue comprehensive climate change action. We believe that a political response is critical for tackling climate change – both for mitigating risk and boosting economic growth. Government involvement is one avenue out of many that are necessary. A strong, international coalition of governments, businesses, and civil society organizations is required to effectively address the complicated climate challenges we face. We stand in commitment to doing our part to mitigate climate change and support strong action by the US government in the COP21 climate negotiations.

Symantec Backs a Low-Carbon USA

Today, Symantec joined over 100 leading U.S. companies in voicing support for a shift to a low-carbon future. The Wall Street Journal advertisement, “Business Backs Low Carbon USA,” is a call for strong action to tackle climate change and a demonstration that top companies across major sectors support US leadership in the COP21 negotiations. We each have taken steps to address climate change and together we stand in recognition that corporations are part of the solution. The decisions made at the Paris Climate Conference will set the course for the climate strategies implemented by businesses going forward. In the Wall Street Journal ad, the companies encourage the US government to:

• Seek a strong and fair global climate deal in Paris that provides long-term direction and periodic strengthening to keep global temperature rise below 2°C
• Support action to reduce U.S. emissions that achieves or exceeds national commitments and increases ambition in the future
• Support investment in a low-carbon economy at home and abroad, giving industry clarity and boosting the confidence of investors

Symantec also joined the Obama Administration and 140 other companies in the American Business Act on Climate Pledge in support of a strong outcome in the COP21 climate negotiations:

We applaud the growing number of countries that have already set ambitious targets for climate action. In this context, we support the conclusion of a climate change agreement in Paris that takes a strong step forward toward a low-carbon, sustainable future.

We recognize that delaying action on climate change will be costly in economic and human terms, while accelerating the transition to a low-carbon economy will produce multiple benefits with regard to sustainable economic growth, public health, resilience to natural disasters, and the health of the global environment.

At Symantec, we believe that the transition to a low-carbon economy is important for sustainable economic growth. We believe that company action, in partnership with stakeholder collaboration, is key to both mitigating risk and finding opportunity during this transition. 

We pledge to:

• Play our part in realizing the GHG emissions reductions that climate scientists tell us are needed in order to avoid the worst effects of climate change.  We will set a science-based goal early in 2016 to guide our GHG emissions reduction efforts.
• Continue to lend our voice to those calling for a meaningful clean energy policy framework, including through our participation in the Business for Innovative Climate and Energy Policy (BICEP) project.
• Work with others, including our peers, customers, data center vendors and utilities, to leverage our collective knowledge and resources in addressing climate change. We will continue our collaboration with others in the technology sector to promote increased data center access to and use of renewable electricity through the BSR Future of Internet Power initiative.

Working to Address Climate Change through our Operations

Symantec is currently involved in climate action in a variety of ways and we also continue to identify opportunities for improvement. We joined the Business for Innovative Climate and Energy Policy (BICEP) in 2009, a coalition that calls for strong US climate and energy policies to spur clean energy production and usage and reduce carbon pollution. We are collaborating with other ICT companies by participating in the BSR Future of Internet Power initiative to promote clean energy growth, such as endorsing the use of renewable energy by colocation vendors. We have also reported publicly on our GHG emissions since 2009, including through the CDP, an investor- and corporate customer-led initiative to rate companies for their emissions transparency and reductions. Tracking our GHG emissions has allowed us to identify areas for improvement. We are applying green building standards to our buildings and making energy efficient system changes at our data centers, often through the use of our own software and technology. Our data centers and offices account for 75% of our emissions and represent our most significant opportunity for improvement.

We’re proud to stand with other business and political leaders, calling for decisive action to curb climate change. The threat is real. The time for action is now.

Cecily Joseph is Symantec's VP, Corporate Responsibility and Chief Diversity Officer

What is #GIVINGTUESDAY? It's a global day dedicated to giving back. On Tuesday December 1, 2015 charities, families, businesses, community centers, and students around the world come together to celebrate generosity and to give.

It's a simple idea, just find a way that you, your family or your organization can do something to share with someone else.

As the holidays approach, everyone gets caught up in the season of giving. As IT professionals, this time of year allows us to share a gift with our users, which actually can help them give an even greater gift to us in return—the gift of users educated in ways that make our jobs easier. Give your users the gift of patience—and these tips—to keep yourself from becoming an IT humbug.

SECURITY

TIP #1: Phishers often trick employees into installing malware, or gain intelligence for attacks by claiming to be from IT. Appoint someone on your team to contact IT if your department receives suspicious calls.

TIP #2: Avoid leaking intellectual property. Sharing a picture with a whiteboard or computer screen in the background online could reveal more than a competitor should see.

TIP #3: Report security warnings from your anti-virus software to IT immediately, don’t assume they know about all threats that occur.

TIP #4: Alert IT before you travel if you’re going to be using public wireless Internet, and make sure you know how to connect to the company’s Virtual Private Network (VPN).

TIP #5: Be wary of links in emails from senders you don’t recognize. Phishers prey on employees who open links and attachments without checking them out, opening the door to malware.

BEHAVIOR

TIP #6: Don’t steal. Taking intellectual property and divulging professional secrets are likely against corporate policies. Your company may track the movement of sensitive documents and you could get into hot water.

TIP #7: Read your company’s Acceptable Electronic Use (AEU) policy, and follow the policies for safe use of your system and devices.

TIP #8: When backing up to cloud services, consult the IT department for a list of acceptable cloud solutions first. Organizations can make this part of their AEU policy and make it a fire-able offense.

SUPPORT

TIP #9: Call IT before you get in over your head. Often what starts as a simple update can be made more complex by attempting to “fix” the problem.

TIP #10: When you Bring Your Own Device, ask your IT department if your device is approved to receive corporate data before you upload anything to it. Use officially sanctioned applications to access sensitive documents. 

TIP #11: Learn the process for allowing IT to connect virtually to your system. This can save time when you contact support and they need access to resolve an issue.

TIP #12: Learn basic computer hardware terms. This can save valuable time when you contact support and don’t have to describe the “mouse connector-thingy.”

Employees are on the front lines of information security. The more that can be done to regularly educate and remind them of the small things they can do goes a long way towards protecting your organization.

As our holiday gift to you unsung hero IT admins, we thought we’d provide some useful tips to pass along to employees to help make your job a little bit easier next year. Feel free to download and share!

{Editor's note: This article was previously published on 12-02-14 but has been updated}

Today’s cybercriminals are skilled enough and sufficiently resourced to have the persistence and patience to carry out highly successful attacks on consumers, businesses and governments around the world. Their efforts have turned cybercrime into big business with private information being stolen on an epic scale.

In 2015, we saw how much consumer confidence was rocked by the number of mega breaches that exposed the identities of millions of people. The ability for some organizations to recover from a data breach was paralyzing as we saw in the Ashley Maddison data breach.

There is no magic-bullet technology that will guarantee immunity from Internet crime or determined, targeted attacks, but being prepared for the worst can prevent some attacks. So, what lies ahead for 2016?  What will be the biggest threats that will target consumers and businesses? How will some of the newest technology trends impact privacy and regulation? And how will businesses respond to data breaches when it is no longer a matter of if, but when you will be breached?

As the year draws to a close, Symantec’s security intelligence team has put together the top security predictions for the year ahead and beyond. Here are our top picks for 2016 -

1. The Need for Improved Security on IoT Devices Will Become More Pressing

   As consumers buy more smart watches, activity trackers, holographic headsets, and other Internet of Things (IoT) devices, the need for improved security on these devices will become more pressing.

   According to a Gartner report titled Agenda Overview for the Internet of Things, by 2020 close to 30 billion connected things will be in use across a wide range of industries and the IoT will touch every role across the enterprise. There’s no doubt the market for Internet of Things–ready devices is growing but it is still very frag­mented, with a rich diversity in low-cost hardware platforms and operating systems. As market leaders emerge and certain ecosystems grow, the attacks against these devices will undoubtedly escalate, as we’ve already seen happen with the attacks on the Android platform. The good news is that OS makers, in particularly Apple, are making good strides in enforcing security in the eco-systems they support, such as HomeKit.

   In addition, the evolving concept of “care is everywhere” may see medical device security become a mainstream topic in 2016. It’s widely known that life-sustaining devices like pacemakers or insulin pumps can be hacked. Fortunately, to-date, no such case has been reported outside proof-of-concept security research; however, the potential impact remains high. Under the evolving umbrella of mobile health, or mHealth, new care delivery models will move devices into the patient’s home. This will place medical devices on public networks, provide medical apps through consumer devices such as smartphones, and interlace personal data with clinical information.

   With these changes happening so rapidly, regulation may be forced to catch up with technology in 2016. We may find that some countries or industries will begin to develop guidelines that address the new risks of information use, data ownership, and consent presented by IoT devices.
    

2. Opportunities For Cybercriminals To Compromise Apple Devices Will Grow

   Apple devices have experienced a surge in popularity in recent years. According to IDC, the company now accounts for 13.5 percent of global smartphone shipments and 7.5 percent of global PC shipments. This increase in usage has not gone unnoticed by attackers. A rising number of threat actors have begun developing specific malware designed to infect devices running Mac OS X or iOS.

   Although the number of threats targeting Apple operating systems remains quite low when compared to the company’s main competitors (Windows in the desktop space and Android in mobile), the amount uncovered has grown steadily in recent years. In tandem with this, the level of Apple-related malware infections has spiked, particularly in the past 18 months.

   Security researchers have also given a greater focus on vulnerabilities in Apple software, with a number of high-profile flaws uncovered in the past year. Zero-day brokers have begun offering bounties for Apple vulnerabilities, with US$1 million paid recently for a jailbreak of iOS 9.1.

   Should Apple’s popularity continue to grow, it seems likely that these trends will continue in 2016. Apple users should not be complacent about security and change their perception that Apple devices are “free from malware”- this perception opens up opportunities for cybercriminals to take advantage of these users. They need to take precautions in order to prevent their devices from being compromised.
    

3. The Battle Between Ransomware Gangs and Malware Distribution Networks Will Heat-Up

   From early beginnings in Russian speaking counties, ransomware has evolved and spread into Western Europe, the United States, Canada, Australia, Europe and Asia. It is likely that some of the gangs responsible for the original ransomware are part of this expansion, but other established criminal gangs are also becoming involved. Clearly, the fraud is profitable for criminals and is likely to increase.

   It is also possible that ransomware gangs will come into conflict with more traditional malware distributors in 2016. Ransomware infections are overt and obvious, while most other malware infections are covert and discreet. The presence of ransomware on a computer will usually prompt the computer owner to clean the machine thoroughly, removing any malware from it. As the ransomware may have been installed by a separate piece of malware, that other malware will also be removed, cutting into the malware operator’s business model.

   In 2016, more malware distribution networks may soon refuse to distribute such obvious malware, forcing the ransomware gangs to develop their own distribution methods (like Trojan.Ransomlock.G and Trojan.Ransomlock.P have already done).

   As awareness of these scams increases, the attackers and their malware are likely to evolve and use more sophisticated techniques to evade detection and prevent removal. The “ransom letter” will likely also evolve and the attackers will use different hooks to defraud innocent users.
    

4. Cyber Attacks and Data Breaches Will Drive the Need for Cyber Insurance

   When we look at the rapid adoption of cyber insurance, there are two key factors that attribute to this growth: new regulations which obligate companies to respond to information breaches; and the increase of cyber criminals using stolen information for payment fraud, identity theft, and other crimes.

   Cyber attacks and data breaches cause reputational harm and business interruptions, but most of all—they are expensive. Relying on IT defenses alone can create a false sense of security; however, no organization is immune from risk. In 2016 many companies will turn to cyber insurance as another layer of protection, particularly as cyber attacks start mirroring physical world attacks.

   Cyber insurance offers organizations protection to limit their risk, but companies should consider all coverage options carefully. It’s not about checking off a box; it’s about finding a policy that protects an organization’s brand, reputation, and operations if faced with a breach.

   Cyber insurance is evolving as fast as technology. What is considered core coverage today was not available as little as three years ago, and enhancements to coverage will continue to be negotiated in the marketplace every day as data breaches and cyber risks evolve.
    

5. Risk of Serious Attacks to Critical Infrastructure Will Increase

   We have already seen attacks on infrastructure and in 2016 we can expect this to continue to increase. Motivations for critical infrastructure attacks are both political and criminal, with nations and political organizations operating cyber-warfare campaigns, and criminals attacking for profit or ransom. The industrial IoT is becoming more connected due to requirements and demand for reporting and improved functionality through connectivity with additional services. These changes introduce bigger attack surfaces into the more traditionally hard to secure environments.
    

6. The Need for Encryption Escalates

   Encrypt everywhere is quickly becoming the mantra of the technology industry. With so much communication and interaction between people and systems happening over insecure and vulnerable networks like the Internet, strong encryption for this data in transit has been well recognized for some time and it is generally implemented.

   Unfortunately many new devices and applications have had poor implementations, leading to vulnerabilities that allow focused attackers to gain access to communications. For example, the mobile device has become center of most peoples’ lives for communications, data storage and general technology interaction. This presents a high value target for cybercriminals, who are looking to exploit this. Mobile OS makers continue to make improvements to the encryption of their products to fill in the gaps from the application and service makers. While this trend of encrypting more is good for protecting user data from cybercriminals, it has also raised the ire of governments who believe this be a hurdle for law enforcement. It seems that the crypto-wars of the 90’s may be repeated in the next two years.
    

7. The Tipping Point for Biometric Security Is Approaching

   The last two years have seen a significant rise in the use of biometrics. This is expected to grow significantly with major industry players implementing new capabilities both with new sensors in devices and with adoption of biometric authentication frameworks like FIDO and TouchID. This facilitates secure on device storage of biometric information (like fingerprints) as well as interoperability between apps and systems. What this means is that biometrics can finally answer the "what’s in it for me” question that consumers have been asking, while replacing passwords with strong traditional PKI authentication protected by the biometric sensor. The consumer gets better security with significantly increased convenience for device unlocking, purchasing and payments. This also is leading to enterprise adoption of biometrics that may start to see a reduction on the dependence on passwords.

8. Security Gamification and Simulation Will Tackle the Security Awareness Challenge

   Internet security relies on the human element as much as it does on technology. If people were more skillful, they could help reduce the risks they faced. This is as true of consumers avoiding scams as it is of government employees avoiding the social engineering in targeted attacks.

   In this context, security gamification will be used to turn “the desires of the moment” into lasting changes of behavior by using the psychological rewards and instant gratification of simple computer games. Security Gamification could be used, for example, to train consumers to be wary of phishing emails or to generate, remember, and use strong passwords. Symantec sees a big market opportunity and a great need for this kind of training in 2016.

   Companies will also invest more in preparing for security breaches and understanding their defenses better by using simulations and security “war games.” By extending conventional penetration testing into a simulated response and remediation phase, companies can train their employees and improve their readiness. This message is not lost on governments. In January 2015, UK Prime Minister David Cameron and U.S. President Barack Obama agreed to carry out “war game” cyber attacks on each other. Companies could follow their example in 2016.

The brutal reality is that no enterprise – regardless of size or industry – is immune from attacks on their information and systems. Yet many organizations are still leaving themselves open to onslaughts, which can cause untold damage both financially and to their reputation.

Worse still, even those who have shored up their defenses to the maximum are getting hit. Why? Because the very nature of what constitutes an attack has changed. In spite of every effort being taken to prevent breaches, today’s highly sophisticated adversaries can eventually find a way around the most rigorous defenses. The well-aired axiom of ‘when, not if’ has become the starting point for any organization that is serious about its approach to information security.

The scale of the problem is clearly identified in Symantec’s 2015 Internet Security Threat Report (ISTR).  In 2014, Symantec observed advanced attackers:

• Deploying legitimate software onto compromised computers to continue their attacks without risking discovery by anti-malware tools
• Leveraging a company’s management tools to move stolen IP around the corporate network
• Using commonly available crime ware tools to disguise themselves and their true intention, if discovered
• Building custom attack software inside their victim’s network, on the victim’s own servers
• Using stolen email accounts from one corporate victim to spear-phish their next corporate victim
• Hiding inside software vendors’ updates – in essence, ‘Trojanizing’ updates to trick targeted companies into infecting themselves

Given the stealth of activity, it is not uncommon that Symantec’s Incident Response teams when investigating a known breach often discover additional incidents in progress.

At Symantec, we believe that while compromise may be inevitable, data breach does not have to be and we help organizations prepare, and respond quickly to incidents, by following forensically sound procedures to collect, preserve and analyze evidence. By working closely with enterprises, focusing on the proper aspects of people, process and technology, Symantec’s goal is to ensure that companies can effectively prepare for incidents and avoid many of their negative impacts.

How do we achieve this? Our Managed Security Services, DeepSight Intelligence, Cyber Skills Development, Incident Response (IR) and Security Technology and Response teams combine to provide rich analysis of incidents, to deliver a clear understanding of the depth and breadth of any particular incident, so the root cause and nature of the incident is identified quickly – and then eradicated.

Most importantly, Symantec assesses and trains an organization’s team, helping to maximize resources and add new skills expertise. We also ensure that all of the essential IR tools are firmly in place to properly detect, analyze, contain and eradicate threats as they surface.

To protect your organization’s reputation and information, it is critical to develop an incident response program “with clearly delineated roles and responsibilities for quickly discovering an attack, effectively containing the damage, eradicating the attacker’s presence, and restoring the integrity of the network and systems”.

CYBER INSURANCE & IR

An important factor that can get overlooked is the role that IR plays when it comes to qualifying for cyber insurance. Insurance companies are looking for a risk response strategy that not only covers the breach itself, but also advances preparation for such a breach. Insurers are turning increasingly to companies like Symantec to help them with the underwriting and IR, as this helps insurers mitigate the cost by having a qualified group of individuals participating.  In fact, a risk response strategy is becoming increasingly important, as we are seeing more and more insurance push backs involving companies that prove to be unprepared for a cyber-attack.

Unsurprisingly, currently 52% of large organizations and 35% of small organizations take out insurance that would cover them in the event of a breach. However, that means far too many would still be left heavily exposed, were a breach to occur. Organizations should be mindful of the ‘when, not if’ maxim and take those key steps recommended to keep their businesses well protected – in every sense of the word.

To help organizations gain a better understanding of cyber insurance, Symantec recently teamed with a group of security experts to deliver a whitepaper that addresses how organizations can get the most from cyber insurance.

At Symantec, we leverage the talent of our people, empowered with innovative technologies and tested processes to provide customers with an integrated end-to-end approach to proactively address their security needs and improve their overall cyber security resiliency.