Beginning June 10, 2016, partners will have access to a new and improved Symantec University. In preparation for this improvement, Symantec University will not be available from June 6-9. Once the new system goes live, you will find links to easily navigate to Sales, Technical Sales, and Certification Training and more.

It’s important that you are prepared for this brief shutdown period. During this time, you will not be able to register for classes or view your transcripts. You are encouraged to complete any courses you have in progress before June 6. Your transcripts recorded after May 2015 will migrate to the new system – if you need records prior to May 2015, please click on the Export to PDF button on the Transcript page before 6 June to create a pdf record.

New Features and Updates:

• Easier to navigate and find the courses you need to improve your sales and technical skills

• Improved dashboard and real time reporting to see metrics and completed training

• Compatibility with more web browsers for both Windows and Mac, and improved player functionality.

• Better search capability

• Learning paths that help you progress easily through Symantec Sales and Technical Sales accreditations, and prepares you for Symantec Certified Specialist exams.

• Informative videos that help you learn to navigate the site and launch training

For a preview of what you’ll see starting June 10 when you log on to Symantec University for Partners click here. Once the new site is live on June 10, you will need to agree to Terms and Conditions of use. If you have questions regarding Symantec University for Partners or the migration to the new System, please contact the Symantec Enablement Team. More information will be made available for partners on Connect

Blog Feature Image: 

Innovation_Blog_v2_2.png

The technology we build today is impressive, but compared to what technological innovation the future brings, we will be truly amazed. What we build is going to change the world, society, and the way we live.

With new technology, however, comes new challenges. In the pursuit of convenience, there will most likely be a compromise of design, privacy, and security. And that’s the potential downside to advancement. How should we, as technologists, approach innovation then? Carefully and thoughtfully.

Here’s why.

Every Innovation Carries Intended and Unintended Consequences

In the coming decade, the internet will be used as a platform on which solutions that radically change the way we live will be built. Cisco predicts there will be 20 billion connected devices by 2020―that’s over twice as many devices as people on the planet. This is very exciting (especially for technologists like me), but we need to start asking “should we?” as well as “could we?” as these solutions evolve.

Engineers are great at solving problems, but they are not trained or motivated to think about what unintended consequences might arise from their inventions. For example, with the emergence of the Internet of Things (IoT), internet-connected devices—from cars to medical devices—are at risk of being hacked. Science has evolved and can help here—but it’s not computer science. I believe that the social sciences (psychology, sociology, and criminology) have a bigger role to play in technology innovation in the coming years.  

How to Approach Innovation and Security

In the next few years, then, IT will move from having technical relevance to having societal relevance. With that said, innovation cannot just focus on making processes faster or abstracting their complexities and shortcomings. Innovation must go deep. We must question the very way in which we go about protecting our businesses. Too much of what the security industry is doing is making micro-adjustments to things that we already do and claiming “innovation." As an example, a new firewall with a slightly different approach to sandboxing is not meaningful innovation, but correlating the firewall with multiple other control-points is.

As innovators, we need to rip up the old rules and think about the problems at hand with new eyes. The industry must ask themselves, “Is there a completely new approach we take? How does this impact our customer? How can we stay steps ahead of quickly evolving cybercrime?”

In the past, we were able to retrofit technology with security. But as innovation pushes technology forward, we may not be able to retrofit privacy and security into old devices. In the future we have to build security into these devices.

Without serious innovation, cyber criminals will continue to win in what is, basically, an unfair war waged against legitimate business. And many enterprises are currently losing ground in this cyber security battle because cyber criminals are fast, technologically advanced, and have no requirement to play by the rules.

Symantec’s Long History of Innovation

Symantec’s part of all this technological innovation is mitigating risks. We’re engaged with manufacturers of all industries as they develop internet-connected devices. Our innovation focuses on properly leveraging our considerable assets to solve problems that other companies are unable to solve. Integration and correlation help our customers solve their biggest security challenges. The answer to all of our questions around “What should we do next?” lies with our customers.

Blog Feature Image: 

bluelock.jpg

証明書を公開ログに記録することにはメリットがある一方、顧客の多くには、プライベートと見なしている内部ドメイン名をログに残したくないという需要があります。そのメリットと需要の両立が重要だということを、筆者の前回のブログでお伝えしました。

（IETF）Internet Engineering Task Force も、この重要性を認識しており、Certificate Transparency（証明書の透明性、以下 CT）仕様の最新版では、情報の非公開手法のサポートについて着実な進展を見せています。この仕様の進展に準じて、シマンテックは間もなく、証明書を要求するときにお客様がサブドメイン情報の公開を除外する「Name Redaction」オプションを追加する予定です。この機能を利用するお客様には、シマンテックが発行した証明書の監視も行いつつ、プライバシー保護も実現できるという大きなメリットがあります。

一例を示します。

Name Redaction機能の導入に伴って、現在の「オプトアウト」オプションはツールから削除されます。オプトアウトを削除するのは、なぜでしょうか。前回のブログでお伝えしたように、プライバシー問題に対する解決策にはなるものの、オプトアウトは最適とは言えません。すべての証明書が記録されないので、ギャップを生じることになるからです。かわりに、一部を非公開にすることで、お客様が各自のドメイン名を監視するというメリットを維持しながら、プライバシーに関して起こりうるニーズにも対処することができます。つまり、シマンテックは証明書すべてと、証明書情報すべてをデフォルトで記録するようになります。Name Redactionを選択する場合は、セキュリティとプライバシーのポリシー上の必要性がある場合にのみに限定すべき点、Name Redactionしていない証明書に対する監視はより容易である点などに注意ください。

Google社 の Chrome は、今のところ CT をサポートしている唯一のブラウザですが、同社はName Redaction機能の対応予定についても、またその時期についても特に発表していません。したがって、お客様がサブドメイン情報をName Redactionした状態でログを記録することを選択した証明書に遭遇した場合に、Chrome では「信頼できません」という警告が表示されます。そのため、ブラウザベースの社内アプリケーションを使っており、証明書のドメイン情報についてプライバシーが重要な場合には、別のブラウザを利用いただくか、シマンテックのプライベートSSLをご利用いただくことなどが考えられます。

シマンテックは CT を完全サポートしており、Name Redaction機能の追加後にも、信頼できる証明書は公開ログへすべて記録します。ただし、特にお客様自身の情報をめぐるプライバシーが関係する場合には、オプションを用意することも大切だと考えています。CT ポリシーにおけるこのバランスについて論じるディスカッショングループで、お客様、パートナー様、そして広くインターネットのエコシステム全体で積極的にご意見をあげていただくことをお勧めします。

【参考訳】

Symantec participates in and supports the Department of Defense (DoD) Coalition of Apple Engineers (CAE). The DoD CAE is an initiative to bring together engineers throughout the Defense and Federal Government arena who are tasked with implementing one or more of the various Apple technologies. Specifically, the CAE was developed to share different approaches in implementing iOS and Mac OS X devices. Their monthly meeting keeps members up to date on the current iOS/OS X "STIG" (Security Technical Implementation Guide) and "SHB" (Secure Host Baseline) approval status, NIST (National Institute of Standards and Technology) releases, and much more.

Advanced cyber research by Symantec demonstrates that global threats targeting Apple products have steadily grown over the past two years. Symantec's research shows that jailbroken devices tend to be the focus of most of these threats. Fortunately for DoD and related Federal agencies, the military and Federal workforce are disciplined and well trained in cyber defenses and therefore don't deliberately jailbreak their Apple devices. However, according to Dick O'Brien of Symantec, "While the total number of threats targeting Apple devices remains quite low compared to
Windows in the desktop space and Android in the mobile sector, Apple users cannot be complacent. Should Apple platforms continue to increase in popularity, the number of cybersecurity threats facing Apple users will likely grow in parallel." O'Brien authored a Symantec whitepaper entitled"Security Response: The Apple Threat Landscape," which can be found on-line at: www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/apple-threat-landscape.pdf

Eligible participants in the DoD CAE include Government Managers and/or Engineers and Contract Managers and/or Engineers who are sponsored by their respective Government agencies. Third party vendors are also welcome. Take a look at their website Caution-dodcae.osd.mil.  If you have questions, please contact the Coalition Support Desk at osd.dodcae@mail.mil.

There’s no doubt that the IoT improves our lives in countless ways, whether that be through the use of connected cars, smart cities, consumer electronics or medical devices, for example. These technologies can change our lives. Just take the last of these, medical: we’ve seen prototypes of a new contact lens that can read a diabetic person’s blood glucose levels and let them know visually if anything is wrong, in addition to countless devices that better connect doctors and patients.

The rush to embrace such technology speaks for itself, with the semi-conductor industry alone producing 20 billion microcontrollers a year. Yet wherever new technologies take hold and start to proliferate, the hackers and attackers are never far behind. And the same is true of the IoT – which means protecting all of those connected devices has never been so necessary or urgent.

For many organizations, getting this right means a fundamental shift in mindset. In the era of the PC/datacenter, security has been most easily delivered either by disk or by download. With IoT/Cloud, security must be integrated by design to be truly effective.  That calls for an entirely new approach.  That’s especially true given how device makers in IoT often try to tightly control all software, including security software, on their devices, and especially given how the hardware and software architectures of these devices are so heavily fragmented by vertical.

The list of contrasts goes on, but you get the picture: that this is a very different world in which organizations operate, and one to which they are more and more drawn by its enormous potential – as are those who would seek to exploit any weaknesses in their armory.

Unfortunately, no single silver bullet ever delivers truly effective security.  Effective security has to be composed from a short list of crucial ingredients.  For simplicity, we frame those ingredients as four cornerstones. What then are the key cornerstones of IoT security?  If you design your systems to effectively protect communications, protect devices individually, manage large numbers of devices over time, and have a security analytics capability to detect threats beating the first three cornerstones, then you’ll have a strong fighting chance even against the most sophisticated adversaries.

To effectively protect and manage devices, security must be built in to the end device; especially since, for such tightly integrated devices, it often can’t be bolted on later. The good news is that suppliers are proving increasingly willing to build in proper security, particularly where customers specify the level and types of security they require.  Where customers struggle to effectively specify their security requirements to the equipment vendors from whom they buy, those customers can work with a leading security partner to get those requirements right.  That way, all of the necessary ingredients for authentication, encryption, runtime security, and long-term update capabilities can be properly built into such equipment, and that’s where real progress begins.

With so much good security technology on the market from so many vendors, the real challenge is making security easy enough to embed into all of the radically different types of systems out there; really tailoring it for each vertical, so it sits well in each vertical, such as Symantec’s new automotive anomaly detection solution where we took world-leading security technology and made it simpler for automakers to deploy in cars and trucks. By making top-level security easier to deploy, we’re making it easier for top brands to protect themselves both in things they build and things they buy.

Meet me at Gartner Security and Risk Management Summit in a couple of weeks where I will be presenting on how the CISO and CIO can ensure corporate IoT has security built-in and how they can manage risk from employee owned IoT. You can also visit our booth #303. See you there!

There are few organizations not acutely aware of the massive number of data breaches that are occurring all around them – whether that be within an enterprise just down the block from them or one on the other side of the global. Only go on your laptop, mobile device, pick up a newspaper or switch on the television news, and you will be subjected to the full, lurid details of one disastrous invasion after another.

Mostly, it is the big players that are featured but these are just the eye-catchers and represent a small fraction of the total number of victims of a data breach – one that is constantly rising, as the 2016 Symantec Internet Security Threat Report (ISTR) makes painfully clear:

• A New Zero-Day Vulnerability Discovered Each Week
• Half a Billion Personal Records Stolen or Lost
• Vulnerabilities Found in Three Quarters of Websites
• Spear-Phishing Campaigns Targeting Employees Increased 55 Percent
• 100 Million Fake Technical Support Scams Blocked

And yet it doesn’t have to be like this. Data breaches of this nature are preventable by having the right encryption controls in place. The fact that so many enterprises fail to implement these controls in today’s increasingly hostile breach environment beggars’ belief. They need only consider the negative impacts to any organization that experiences such a breach.

First, if the organization did not have a control in place, like encryption, when they experienced a data breach, then that organization is required to notify their governing agencies and the victims. This leads to media coverage and the inevitable ‘naming and shaming’ that goes with this. This can lead to a tarnished reputation, which impacts current and future business opportunities.

Also, there are many financial downsides associated with data breaches. For example, the average cost to recover from a data breach is $3.79 million. This does not include future potential costs from a damaged brand etc. Equally, ‘lost time and productivity’ is another major price to be paid.

Equally, compliance figures largely where data breaches occur. There are privacy laws and security regulations in place to help prevent the negative impacts of data breaches. There are audits that occur to ensure your organization is compliant and there are audits that occur after an organization experiences a data breach. If certain measures were not taken, these organizations are required to pay fines, and notify governing bodies and their victims.

So, what does encryption offer that removes organizations from this nightmarish scenario? It delivers two main benefits:

1. It protects sensitive data or information, wherever it resides – whether it is at rest or in motion
2. It helps ensure that organization is compliant with data privacy and/or security regulations.

That’s exactly what Symantec Endpoint Encryption delivers. And now, with the release of Symantec Endpoint Encryption 11.1.1, the best of PGP and GuardianEdge encryption solutions has been married into a single, robust platform, while coverage has been expanded to meet the on-going and ever-changing needs of enterprises, including some of the largest entities in the federal, banking and healthcare verticals.

For more details about Symantec Endpoint Encryption go here.

Blog Feature Image: 

bluelock.jpg

在我之前的博文中，我提到过，在公开导入证书的好处和许多客户对于防止导入内部隐私域名的需求之间，我们需要找到一个平衡点。

互联网工程任务组(IETF)也认识到了这方面的重要性，并已在证书透明(CT)规范的最新版本中为支持名称编辑取得了切实进展。基于此进展，赛门铁克将很快为客户添加“编辑”选项，以便在请求证书时免除发布子域信息。该功能可让客户充分享受监测赛门铁克所发布证书的各项好处，并且可以获得所需的隐私保护。

示例如下：

通过引入编辑功能，我们将从工具中移除目前的“退出”选项。为什么要移除“退出”选项？正如我在之前文章中所提到的，“退出”虽然可以解决隐私问题，但却不是一个最佳方案，因为它会产生一个无法导入所有证书的缺口。通过为证书提供编辑功能，我们仍然可以让客户享受监测其域的各种好处，同时满足他们在隐私方面的潜在需求。简而言之，赛门铁克会默认导入所有证书及其信息。只有在客户的安全和隐私政策要求进行编辑时，才应选择使用编辑功能，并且客户应了解使用未编辑证书可简化监测。

谷歌的浏览器是目前唯一支持证书透明的主要浏览器，但是谷歌还没有宣布Chrome何时以及是否会支持编辑功能。所以当客户选择使用已编辑子域信息导入其证书时，Chrome就可能在遇到这些证书时显示“不可信”警告。因此，如果客户拥有基于浏览器的内部应用，并且证书域名信息的隐私非常重要时，可考虑更换浏览器或者使用我们的某个私人证书颁发机构选项。

我们完全支持证书透明，并且通过添加编辑功能，我们将100%导入公开信任的证书。但我们也相信，向客户提供选择是很重要的，特别是当涉及隐私信息的决策时。关于如何实现这种平衡，我们欢迎客户、合作伙伴以及更广泛的互联网生态系统在证书透明政策讨论小组各抒己见。

Blog Feature Image: 

bluelock.jpg

我在上一篇部落格文章中曾討論在公開憑證登錄的好處和多數客戶的需求之間必須取得平衡，才可避免登錄客戶視為保密的內部網域名稱。

網際網路工程任務小組 (Internet Engineering Task Force) 亦體悟其重要性，已經不斷在改善憑證透明度 (CT) 規範最新版本中對名稱修訂的支援。賽門鐵克將依據此一改善，在近期內為客戶新增「修訂」選項，以在要求憑證時不公開子網域資訊。客戶擁有此功能後，將可享有賽門鐵克監控憑證帶來的完整好處，亦能取得所需的隱私保護。

範例如下：

加入修訂功能後，我們會將目前的「選擇退出」選項從工具中移除。為什麼要移除「選擇退出」？如同我在上一篇文章提到的，「選擇退出」雖然能解決隱私問題，卻不是最佳方式，因為這會產生出並非所有憑證都能完整登錄的漏洞。若是轉而支援修訂的憑證，我們仍可讓客戶享有監控網域的好處，同時滿足其潛在的隱私需求。簡而言之，賽門鐵克的預設將登錄所有的憑證和所有的憑證資訊。客戶應只在安全性和隱私權政策有需要時才選擇修訂，並注意未修訂憑證的監控方式可能會較為簡化。

Google 的 Chrome 是目前唯一支援憑證透明度的主流瀏覽器，但 Google 尚未宣佈該瀏覽器何時或是否會納入修訂功能。因此，若客戶選擇以修訂子網域資訊的方式登錄憑證，Chrome 可能會針對該憑證發出「不信任」的警告。有鑑於此，客戶如果有基於瀏覽器的內部應用程式，且憑證網域資訊的隱私極其重要，或許可考慮使用其他瀏覽器或我們的私有 CA 選項。

我們能完整支援憑證透明度，而加入修訂功能後，便可登錄所有的公開信任憑證。不過，我們亦相信提供客戶選項非常重要，尤其是涉及客戶資訊的隱私權決策。我們誠心邀請客戶、合作夥伴和大型網際網路生態系統，前往「憑證透明度」政策討論群組，分享該如何權衡其中的利弊。

June marks Pride Month where millions of people come together across the world to celebrate the LGBT community – to applaud the progress that has been made and to bring awareness to the struggles that still exist to reach equality for this community. 

In celebration of Pride Month, we will feature a series of blog articles demonstrating Symantec's commitment as a company - and the efforts of our employees as individuals - to foster a truly inclusive culture, community and industry.

"In line with America's commitment to the notion that all people should be treated fairly and with respect, champions of this cause at home and abroad are upholding the simple truth that LGBT rights are human rights….

…During Lesbian, Gay, Bisexual, and Transgender Pride Month, as Americans wave their flags of pride high and march boldly forward in parades and demonstrations, let us celebrate how far we have come and reaffirm our steadfast belief in the equal dignity of all Americans."

  United States President Barack Obama (Presidential Proclamation, LGBT Pride Month, 2016)

Our kick-off to this series begins with a highlight of recent articles on Symantec's recently launched Medium publication #iamtech, which explores the experience of minorities and women in tech through engaging personal stories from members of and advocates for the LGBT community within and outside of Symantec:

- C Moulee, Knowledge Engineer and LGBT rights advocate in our Chennai office shares his courageous story of fighting for LGBT equality in India where legislation still significantly discriminates against this population, the acceptance he instantly felt at Symantec, and how he spearheaded Symantec's first SymPride chapter in the APJ region. Read C Moulee's article "Making One Cubicle Safe at a Time".

- Additionally, Cass Averill Symantec employee and transgender activist discusses the variety of challenges for the transgender community in his article "Transgender Means so Much More Than Changing Your Body".

Cass has served as an internal and external champion for the transgender and broader LGBT community, helping Symantec develop LGBT friendly policies and guidelines, as well as being the first employee to transition on the job while at Symantec.

We hope you will join us in celebrating this month and learning more about how the passion, determination and collaborative spirit of our employees has made Symantec a leader in LGBT equality.

Ruha Devansean is Symantec's Manager, Global Diversity & Inclusion 

While your organization uses Office 365 for more productivity with the cloud, are you sure the right people—and only the right people—have access to Office 365? Furthermore, though Office 365 authentication is a good foundation, it’s also very basic. For customers who see authentication and access controls as part of their strategic security policy instead of specific to individual applications, Office 365 authentication may not be enough.

In previous posts of this series, we examined how Symantec Office 365 Protection helps fill in the security gaps that Office 365 misses―email, advanced threat protection, and data loss prevention. In this final instalment, we’ll examine how Office 365 deployment with Symantec Validation and ID Protection Service (VIP) can provide an extra layer of security with user authentication.

Office 365 Authentication Limitations

Think of identity protection as the lock on the cloud’s front door. Identity protection keeps attackers out and ensures that legitimate users have access to cloud apps. Done properly, identity protection also improves the user experience by enabling a transparent login process.

But is everyone accessing your sensitive information really who they appear to be?

Office 365 authentication is limited to options such as out-of-band (text and voice) and mobile notifications. This means safer or more convenient options, such as biometrics, risk-based, and hardware credentials, are not available. Furthermore, Office 365 provides Single Sign-On and authentication only for Office 365 applications, and supports only Active Directory (AD) and Microsoft Identities.

How Symantec Validation and ID Protection Extends Office 365 protection

Increase your security without reducing user convenience.
Symantec Validation and ID Protection is a cloud-based service that offers robust multi-factor authentication. It meets diverse needs and supports hardware tokens, one-time password, mobile Push, Apple Watch Push, password-less fingerprint authentication, and more.

Furthermore, Symantec for Office 365 offers robust, risk-based authentication that is not limited to just geo-location. It also leverages data from Symantec’s Global Intelligence Network and uses a purpose-built login anomaly engine to more accurately detect suspicious behavior.

Obtain streamlined audit & access control for Office 365 and other cloud services.

Symantec VIP Access Manager offers single sign-on and user management capabilities for Office 365 and other cloud applications. This improves control, convenience, and compliance for end users and administrators. It comes configured with the most common enterprise applications including Office 365 and supports a variety of identity services including Microsoft Active Directory, LDAP, Oracle, and more.

Tap into the power of mobile.

Symantec Validation and ID Protection is easily accessed by a diverse array of mobile devices including smartphones and tablets. This feature gives users secure access to applications they need to be productive anywhere, anytime, with any device.

Symantec Helps You Transition to the Cloud with Confidence

Microsoft Office 365 is an excellent platform to enhance productivity, and while it does include some basic security measures, you should enhance and extend security measures with Symantec.

Looking for more insights? Be sure to read all the posts in our Extending the Security of Office 365 blog series:

Extending the Security of Office 365 Overview post

Extending the Security of Office 365: Email

Extending the Security of Office 365: Advanced Threat Protection

Extending the Security of Office 365: Data Loss Prevention

Visit Symantec Office 365 Protection

Starting soon, Symantec Email Security.cloud users will begin migrating to our new Email Quarantine.  The new end-user portal includes a number of improvements and new features including:

• New end-user portal with improved mobile experience
• Differentiation between spam and bulk mail (such as newsletters)
• Ability to approve senders directly from digest notifications
• Ability for administrators to see all quarantined message in single view
• Customizable digest notification content
• More scheduling options for digest notifications

Is any customer action required?

Customers do not need to take any action to benefit from this new functionality. Current Spam Manager customer data will automatically be migrated and new emails will be directed to the new Symantec Email Quarantine so that customers can access their data using the new portal.

Where can customers get more information?

We’re confident that you’ll find the portal changes intuitive and easy to use. In order to provide customers and partners with necessary resources and knowledge to support the new functionality, we have posted quick start guides containing helpful content with the new look and feel.

• Quick Start for Administrators with Approved/Blocked Lists
• Quick Start for Administrators 
• Quick Start for Users with Approved/Blocked Lists
• Quick Start for Users

In addition you can access our online help and our customer support team is always available to answer your questions via chat, email, and phone.

Survey

Current quarantine users, would you like to provide feedback on your quarantine experience and future needs? Please take our survey.  Be sure to click the “Finish” button to submit your response.

Last April, Symantec launched Take 5, a global volunteering program that challenged employees across Symantec to offer five hours of service to make a positive impact in the communities in which they live and work. The challenge will help Symantec reach our goal of completing an average of four hours per employee by 2020. 

Rolling up their Sleeves to Make a Difference

Our employees took this challenge to heart, rolling up their sleeves to benefit nonprofits around the world. In FY16, more than 1,500 employees participated in Take 5 with 900+ completing the full challenge, recording at least five hours and earning their Take 5 jacket.

But that’s not all. In FY16, globally employees volunteered more than 28,000 hours helping nearly 2,000 nonprofits achieve their goals. An impressive 42 percent of the employee volunteer hours were listed as skills-based/pro bono, signifying time spent providing technical expertise and skills including board service, website design, accounting support and other talents and services that help strengthen nonprofit organizations from the inside out. Additionally, the causes that employees selected include a range of causes from educational programs to environmental efforts, health-related programs to disaster relief and diversity groups.

Beyond the hours Symantec employees volunteered, Symantec donated more than $220,000 USD this fiscal year through the company’s Dollars for Doers Grant program, which awards a $15 USD donation per volunteer hour that an employee logs (up to $1,000 USD per year). Employees also get an additional $1,000 USD of matching for their personal charitable donations to qualified organizations through our Matching Grant program.

Looking Ahead

In FY17, Symantec has a great opportunity to not only continue these efforts, but to expand the program’s impact—giving back in new ways and benefiting even more organizations around the world.

This year, take 5 will continue with new volunteer opportunities and rewards, and Symantec's first Global Service Week. Global Service Week encourages business units, departments, and sites to unite together to take part in volunteer activities that benefit their local communities.

Additionally, this year's challenge will see an increased focus on virtual volunteering opportunities, which offer the flexibility to give back from one's home or office, as well as volunteering in small increments of time.

Recently our Norton Sales and Marketing and Enterprise Security Sales Leadership teams worked with Career Village, answering more than 500 students’ questions, many of whom do not have access to guidance counselors or working professionals. Through this and similar virtual volunteer efforts, Symantec teams have an opportunity to impact and inspire thousands (possibly millions) all over the globe.

We are extremely proud of the truly global impact made by our volunteers and look forward to continuing Take 5 this year!

The healthcare industry is going digital with massive amounts of patient data stored and shared among organizations. But the bad news is that attackers now target this sensitive and often personal information. According to the Symantec 2016 Internet Security Threat Report (ISTR), 78 million patient records were exposed last year in a major data breach at Anthem, the second largest healthcare provider in the US.

With the deluge of customer and patient big data, how are organizations protecting the valuable data?

Here is an overview of some issues impacting the healthcare industry and how organizations can protect themselves.

2015: The Changeover Year

According to the 2016 ISTR, over half a billion personal information records were stolen or lost in 2015. The largest number of breaches took place within the Health Services sub-sector, which actually comprised of 39 percent of all breaches in the year.

Facts about the Anthem attack:

• 78 million patient records were exposed on January 26, 2015
• Breach was caused by cyberespionage group which Symantec calls Black Vine
• Attackers used a wide variety of resources to conduct multiple, simultaneous attacks over a sustained period of time (attacker-owner infrastructure, zero-day exploits, custom-developed malware)

“We have to remember that Healthcare lives in the bigger world of threats and vulnerabilities and while we like to think we are that different, ignoring what is happening around us is naïve—and dangerous. We can never forget that because of the uniqueness of our industry—we need to frame that bigger world around healthcare’s special issues—huge volumes of very marketable and salable data, lagging security, remote services, medical devices, special requirements to share and protect that data," says David Finn, Health IT Officer, Symantec.

Attackers breached at least 55 healthcare providers and stole data from more than 110 million Americans, reported HealthITSecurity.

“2015 was a changeover year,” says Axel Wirth, Healthcare Solution Architect, Symantec. “Prior to 2015, user negligence (lost or stolen work computers) was the cause of data breaches. Today, we see a shift towards targeted attacks to an industry that isn’t fully prepared.”

The Symantec 2016 Healthcare Internet Security Threat Report found that the healthcare industry suffers from lack of attention and investment in IT security. For example, only 33 percent of healthcare providers believe that they have sufficient resources to prevent or quickly detect a data breach.

Symantec believes that the attackers behind one of the largest and highly publicized healthcare industry breach in 2015 are part of a highly resourceful cyberespionage group called Black Vine. However, according to Symantec research, this criminal group also targeted other industries such as aerospace, energy, military, finance and technology.

What’s at Stake?

Criminals are figuring out how to monetize more than credit cards and sell them on the underground black market; in fact, stolen healthcare information is also sold.

“Unlike your credit card number, which can be changed after stolen, your healthcare information stays the same,” explains Kevin Haley, Director, Symantec Security Response. “Criminals use this information for identity theft and for healthcare fraud; for example, submitting false claims.”

Healthcare data also carries a great deal of private information such as person’s medical information, physical description, information on next of kin, etc. There is also the financial and insurance information often included with healthcare data.

“There’s also the value of stolen healthcare information to nation states,” says Axel Wirth. “Nation states can check immunization records that might be a part of travel profiles for diplomatic or military records. So, the theory is that nation states can use this healthcare data to spy on its citizens or even blackmail them over personal medical records.”

Healthcare Fundamental Differences

Breaches in the healthcare industry often make headlines due to the fact the industry has the most stringent reporting requirements. When a breach happens, a healthcare organization must report the data loss. But there are also other factors that make the industry different; and in doing so, create additional challenges.

Three fundamental differences of the healthcare industry include:

1. Highly regulated
2. Additional security can create obstacles
3. Inherent complexity

Overall, creating a unified cyber security approach for the entire industry is a daunting challenge as these industry differences create ongoing obstacles.

How Attackers Breach the Healthcare Industry

2015 was the changeover year for the healthcare industry with more targeted attacks. With emerging technologies such as the Internet of Things (IoT), the industry faces concerns like “Hospitals Breached via Medical Devices?” and how consumer health IoT devices can be susceptible to data loss.

“Medical devices are the original IoT devices,” explains Kevin Haley. “Today more medical devices are being networked but also have USB ports that make them open for malware attacks.”

Within the healthcare industry, there are medical devices that use off-the-shelf (OTS) software found vulnerable to viruses, worms and other threats. Examples include systems that communicate pictures on networks (ultrasound), systems that monitor patient activity, and systems that communicate with clinical laboratory analyzers.

According to the 2016 ISTR, researchers have found potentially damaging vulnerabilities in dozens of devices such as insulin pumps, x-ray systems, CT-scanners, medical refrigerators, and implantable defibrillators.

For more information, read the FDA’s “Guidance for Industry: Cybersecurity for Networked Medical Devices Containing Off-The-Shelf (OTS) Software.”

A Shift is Coming in the Approach to Healthcare Security

While technology plays a vital role in furthering healthcare security, the focus will shift to the people and policies that generate, use and manage the data and information required for care and related processes.

“Hopefully, healthcare IT executives will realize that security is not only a compliance issue but also an assurance issue,” says David Finn, Health IT Officer, Symantec. “And non-IT executives will begin to understand that security is also a people issue, not just a technology issue. Computers don’t click links, steal critical data, or social engineer—people do. And it’s people who can stop breaches from occurring.”

Looking for more insights?

Watch the 2016 Healthcare Internet Security Threat Report Highlights recorded webcast co-presented by Paul Wood, Cyber Security Intelligence Manager, Symantec and David Finn, Health IT Officer, Symantec.

• Symantec 2016 Internet Security Threat Report (ISTR)
• Symantec 2016 Healthcare Internet Security Threat Report
• Symantec “Facts about the Attack on Anthem” infographic

For more information visit us at: www.symantec.com/healthcare.