Are you the publisher? Claim or contact us about this channel

Embed this content in your HTML


Report adult content:

click to rate:

Account: (login)

More Channels

Channel Catalog

    0 0

    And how Symantec is successfully integrating them in its business strategy
    Publish to Facebook: 

    By Delphine Millot, MPA, VP and Head of International Public Affairs at Grayling

    As a member of the UN Global Compact, Symantec was included in a new report by DNV GL highlighting companies pioneering progress towards the Sustainable Development Goals (SDGs). Symantec was praised for its outstanding work towards gender equality (SDG #5) through unique efforts to recruit women to Symantec’s board of directors and women-specific education programs in cyber security.

    The clock started ticking 18 months ago to start delivering on the 2030 Global Sustainable Development Agenda. Efforts are based on the so-named SDGs, a list of 17 goals and 169 targets covering the economic, social and environmental dimensions of sustainable development embraced by the 193 member governments of the United Nations.

    Governments are calling out businesses directly to play an active role in achieving the SDGs, as their success relies heavily on action and collaboration by all actors. None of the SDGs will be met without increased efforts from all sectors, and the trend on several goals, such as climate change and inequality, is actually going backwards. This is where business can make an impact – as a capable actor with the resources needed to deliver the SDGs alongside governments.

    If the global goals need business, the opposite is also true: business needs the global goals. The Business & Sustainable Development Commission found that achieving the SDGs could be worth at least US$12 trillion a year in market value by 2030 and create 380 million jobs in the process. Recognizing and capitalizing on the connections between social, environmental and economic progress has the power to unleash the next wave of global growth and redefine capitalism.

    A strategic approach to Corporate responsibility (CR) allows a company like Symantec to be pro-active, develop consistent CR initiatives and build a business model that can be sustained and bring shareholder value over the long term. Such an integrated approach brings credibility and authenticity to a CR program, which in turn enhances transparency and facilitates stakeholders’ engagement.

    In this context, companies can use the SDGs as an overarching framework to shape, steer, communicate and report their CR strategies, goals and activities.

    Symantec and the Global Goals

    Management approach

    Symantec looks at the SDGs as an opportunity to align core business activities and innovation efforts with society's needs. From a business perspective, this allows Symantec to reap the early benefits of high-integrity branding with their consumers, investors, employees and the marketplace. The SDGs therefore offer Symantec a pathway to attract talent, unlock new markets and develop new products and services to empower in-need customers on issues such as cyber security.  

    Symantec is a great example of a company that has integrated sustainable development into every aspect of its business. Symantec’s approach to corporate responsibility is set by the highest levels of management, who receive regular progress briefings on the company’s programs, including quarterly updates on diversity, ethics, environmental performance and community investment.

    Symantec also defined specific, measurable and time-bound key performance indicators (KPIs) as the basis for driving, monitoring, and communicating progress on the SDGs. An example is Symantec's commitment to increasing the diversity of its workforce at all levels of the company by 15% by 2020.

    Finally, Symantec reports annually on their corporate responsibility, including diversity metrics, goals and efforts. The CR reports are used as a tool to stimulate accountability and trust through integrated performance management.

    Progress on the SDGs

    SDG #4: Quality Education

    SDG #4 is focused on providing inclusive, equitable, and quality education. The talent gap in cyber security is expected to grow to a staggering 1.5 million by 2020 and there is a vibrant community of underrepresented young adults - including people of color, women, and veterans - that could fill at least 60,000 of these positions if properly trained. Symantec has invested more than six million dollars to engage and educate 745,446 students in STEM (Science, Technology, Engineering and Mathematics) education. Through education, mentorship, volunteering and partnering with leading STEM advocates, Symantec hopes to change the status quo, close the gender and diversity gap in STEM and build a robust talent pipeline. The Symantec Cyber Career Connection (Symantec C3) program was designed to do just this, providing a pathway for underrepresented young adults and veterans to receive targeted education, training, and certifications that position them to fill in-demand cyber security jobs and enter long-term careers.

    SDG #5: Gender Equality

    Around the world, women are underrepresented in the field of technology. As a result, women are missing out on this promising career path, and the field is missing out on their contributions. Symantec is committed to gender equality and the advancement of women in technology. To this end, they have created a goal to increase the percentage of women globally by 2020 and a sub-goal to increase the percentage of women in leadership (Director-level and above) to 30% by 2020.

    Symantec is a founding signatory of the Women’s Empowerment Principles (WEP), a partnership initiative of UN Women and UN Global Compact (UNGC) considered globally as the recognized principles and standards for women’s equality. And, through partners like The Anita Borg Institute and TechWomen, Symantec provides stand out females across the world mentorship, professional training and networking to prepare them for a promising future in cyber security.

    SDG #13: Climate Action

    Planetary warming continued in 2016, setting a new record of about 1.1 degrees Centigrade above the preindustrial period, according to the World Meteorological Organization. Stronger efforts are needed to build resilience and limit climate-related hazards and natural disasters. Symantec integrates environmental stewardship into their operational, product, and supply chain strategies. A sharp focus on environmental performance supports their business objectives and, at the same time, contributes to the urgent action needed to combat global climate change. Symantec took an important step regarding its energy and greenhouse gas (GHG) reductions by establishing a new goal to reduce the company’s GHG emissions by 30 percent by 2025. 

    Sustaining efforts over the long run

    They key to achieving the Sustainable Development Goals will be sustaining efforts over the long run – and corporations, governments, and nonprofits must all work together to achieve real impact. A business survey undertaken in May 2017 shows that business expects the United Nations and governments to incentivize companies to drive positive change. One incentive, publicly recognizing individual companies’ efforts, is important in two different ways. First, this positive recognition rewards companies’ innovative efforts and makes their stakeholders aware of these efforts. Perhaps even more importantly, this public reporting also disseminates best practices across a wide range of stakeholders. This sharing of best practices, and the ways in which corporations, governments and nonprofits are finding ways to lead in there own ways, is critical to making sure we deliver on the Global Goals by the 2030 deadline and beyond.

    void(0)Currently a Vice President at leading communications agency Grayling, Delphine Millot has twelve years of international experience in corporate reputation and public policy. Based in New York City, she heads Graylings International Public Affairs Practice, supporting a wide range of clients on their global communications strategies and advocacy campaigns. Before re-joining Grayling in 2015, Delphine led the business expansion in Africa, Middle East and Europe of a US trading firm, before joining a food start-up working with international hotel groups, restaurant chains and universities to lead the way towards health and environmental stewardship. Delphine completed her Masters of Public Administration (MPA) at Columbia’s University School of International and Public Affairs, with a specialization in sustainability management. 

    0 0



    0 0
  • 09/07/17--13:12: Mobilisons Les Énergies!
  • Europe celebrates its third annual Battery Recycling Day
    Publish to Facebook: 

    This Saturday, September 9th, Europe celebrates its third annual European Battery Recycling Day. This day, organized by Eucobat, a European association working to ensure that all waste batteries are collected and recycled in an ecologically sound way, works to raise the awareness of consumers and businesses on the importance of collecting spent batteries for recycling.

    In France, nearly 45,000 students will participate in a large collection of batteries through organized events throughout the country. More than 1.3 billion batteries are sold each year in France, but after they are used, many end up in the trash. To avoid the risk of pollution and recover the metals in battery, Corepile is organizing Battery Recycling Day in France, while Stibat runs efforts in the Netherlands. There will be more than 24,000 places, including supermarkets, drug stores, and primary schools, in the Netherlands where people can drop off used batteries. 

    As we use more and more electronic products, batteries are now indispensable in our daily lives. As the number of batteries used each year grows, as does the need for battery recycling. Batteries require a special recycling process due to the substances found inside, some of which are harmful to the environment. Often, these substances can be reused, another benefit for the planet.

    At Symantec we are doing our part by meeting all applicable legal and regulatory requirements related to batteries. Amongst several European Directives that apply to Symantec hardware products, there are two, the European Batteries Directive and the Waste Electrical and Electronic Equipment (WEEE) Directive, that require manufacturers or importers to deal with batteries specifically. These requirements include:

    1. Regularly reporting the type and quantity of batteries placed on the different national markets within the European Union and European Economic Area.
    2. Designing products that meet certain design requirements. For example, internal batteries cannot be soldered permanently onto the circuit board and the appliance has to be labeled with a special logo making it clear that it is not suitable for general waste (see image below).

    Photo credit: European Commission, 2017

    Symantec itself offers its professional customers across the globe an option to return their used appliances. Symantec then determines if and what components of a returned appliance can be reused and refurbished or must be responsibly recycled. Customers in many European countries can also use the EARN network, which Symantec supports, to have their old appliances recycled in a responsible manner.

    Symantec has partnered with Thinkstep on battery compliance to manage our reporting obligations through their EC4P program. Thinkstep, which provides sustainability software, data and consulting services, helps businesses drive operational excellence, product innovation, brand value, and regulatory compliance. Through the EC4P program, Symantec reports to one entity and Thinkstep helps ensure that we meet the national battery and WEEE laws in many European countries, and more around the world. EC4P experts help Symantec stay up-to-date with changing regulations and help us implement cost-effective and reliable compliance arrangements in each country.

    We hope you’ll join the efforts on European Battery Recycling Day! Several Symantec sites across the globe – including Cape Town, Dublin, Dubai, Paris, and Warsaw -  are facilitating a battery recycling effort for employees. Contact your facilities team to see if your site is participating. 

    We will also continue to provide products and services that meet and exceed international standards, including those related to battery recycling, to do our part for the planet. For questions, information or documentation on any aspect of Symantec's products or supply chain please contact

    0 0

    A Look into Critical Threats Highlighted in the Microsoft Research Report
    Publish to Facebook: 


    Volume 22 of the MicrosoftSecurity Intelligence Report includes some interesting insights regarding attacks on cloud apps, including the highlights below:

    • Microsoft reported a 300% increase in the company’s cloud-based user accounts being attacked year-over-year as of 1Q2017 vs. 1Q2016

    • The number of account sign-ins attempted from malicious IP addresses increased by 44% year-over-year in 1Q, and over two-thirds of incoming attacks on Azure services in 1Q came from IP addresses in China and the US.

    • Ransomware encounter rates are the highest in Europe vs. rest of the world in 1Q2017.

    These findings highlight the need to stay vigilant in pursuing comprehensive security solutions for your cloud activity. As you’re well aware, bad guys will follow the money; so when  sensitive corporate content moves to the cloud, attacks will follow. Microsoft’s research findings seem to confirm this adage.

    Here we will demonstrate how Symantec CloudSOC helps subvert the cloud attacks highlighted in the recent Microsoft report.  Let’s take a look into the threats and supported detection controls provided by CloudSOC.

    Ransomware Infections

    Recently, hackers have begun using cloud apps to distribute ransomware to end-users. Two attack variations have been encountered. First, ransomware is uploaded to the cloud storage app and a direct URL is distributed to end-users for download. Second, the malware specific URL (referencing the ransomware uploaded to the cloud) is used in conjunction with additional malicious code (iframe code, JavaScript, etc.) to trigger stealth drive-by download attacks. The Cloud Threat Labs research team has previously covered the spreading of petya ransomware via dropboxand cerber ransomware via Office 365.

    Symantec CloudSOC has built-in capabilities to detect threats in  files uploaded  to  cloud storage apps. The detection mechanism scans the files to unveil malicious code that may exist within. For example, when a user uploads a file to the cloud app, it is scanned for potential threats and an associated report is shown in CloudSOC. The administrator can configure additional policies to restrict the sharing of the malicious file with other users and prevent the distribution of malware. In addition, the end-user has an associated threat score profile that highlights the risk associated with the end-user who uploaded the malicious file to the cloud app. The malicious file can be ransomware or an other type of malware, but at the end, the malicious files will be flagged. As a result of successful detection of ransomware, the infections can be controlled or prevented upfront.  CloudSOC is equipped with a content inspection feature that detects the malicious files and alerts upfront.

    Figure 1: Office 365 Securlet Detecting the File as Malicious

    Brute-force Attacks and Account Takeovers

    Cloud apps are being used by hackers to take over user accounts. One of the primary attack vectors is the brute-force / dictionary attack in which multiple login requests are sent over a period of time with different sets of credentials.  The attack is driven with a motivation to hijack the user account by launching a robust automated attack. The attackers can use the intelligence from the previous set of attacks.

    To deploy detection controls upfront, CloudSOC provides an inherent capability to configure alerts for detecting automated attacks launched against Office 365 accounts. The alerts will trigger when thresholds are hit. Importantly, administrators can configure the settings as the screenshot below  using organizationally approved policies.

    Figure 2: CloudSOC Threat Tree for Alerts Related to Brute-force Login Attempts in Office 365

    Account Access from Suspicious IPs / Locations

    As highlighted in the Microsoft Threat Research report, Office 365 was frequently accessed from malicious IPs over a period of time. This could reflect the two scenarios: First, the attacker has compromised a users’ credentials and then used them to access the application. Second, the attacker was trying to obtain the users’ credentials by launching automated attacks in a distributed manner from wide variety of IP addresses belonging to different geographic locations on the Internet.  It is very important and essential part of the threat intelligence process to determine how, when, and from where users’ accounts are accessed. CloudSOC provides detection control to define alert settings for checking account access from the suspicious locations.

    Figure 3: CloudSOC Threat Tree for Alerts Related to Suspicious Locations Access Attempts  in Office 365

    Apart from detecting the threats above, Symantec CloudSOC has the most robust solution for protecting Microsoft environments, including:

    • Support for both API and Gateway for complete coverage of both corporate and personal accounts, in-line detection/prevention, and cloud-to-cloud protection.
    • Comprehensive coverage of the Office 365 suite:not just OneDrive, but also Exchange Email, Sharepoint Sites, Yammer, and other key components of the O365 ecosystem.
    • Monitoring and protection of Azure environments (IaaS), including auditing of administrative user activity and policy enforcement.
    • Robust Cloud DLP to analyze and restrict uploading, downloading, and sharing of sensitive content.
    • Advanced user behavior analytics that analyzes each and every user account to accurately detect suspicious activity, and trigger actions such as alert, quarantine or block.
    • Compliance reporting and monitoring for Microsoft environments to ensure users are appropriately leveraging cloud apps and services.
    • Extensive integrations with core security technologies, such as Symantec DLP, Symantec ATP, Symantec ICE, Symantec ProxySG/WSS, Symantec VIP, Symantec Endpoint Protection (SEP), and Symantec MSS to ensure comprehensive coverage for cloud content.

    0 0

    August saw increases in the malware and spam rates, and new phishing warnings from the IRS


    0 0

    Symantec Named to the Dow Jones Sustainability Indices for Eleventh Consecutive Year
    Publish to Facebook: 

    Symantec is proud to have been once again named a Sustainability Leader on both the Dow Jones Sustainability (DJSI) World and DJSI North America indices along with just six other software technology companies. This is our eleventh consecutive year listed on the North America Index and our tenth consecutive year on the World Index.

    The DJSI series, launched in 1999, is the longest running, and one of the most prestigious, global sustainability benchmarks, and evaluates the financial performance of the leading sustainability-driven companies worldwide. The index represents the top 10 percent of the largest 2,500 companies in the S&P Global BMI based on an analysis of long-term economic, environmental, and social factors.

    The Industry Overview report, released today, includes a focus on sustainability-related software solutions that help create more efficient business processes and facilitate risk measurement and management. Other critical issues listed for the industry include ensuring data security, managing, training and developing highly qualified employees, customer loyalty and retention, and energy use.

    “Symantec is honored to be included on the Dow Jones Sustainability Indices for our eleventh consecutive year,” said Cecily Joseph, Symantec’s Vice President of Corporate Responsibility. “This independent ranking recognizes our sustainability performance, strong governance policies, and commitment to keeping the world’s information safe. We all have a lot to be proud of today.”

    Later this month, Symantec will release our tenth annual Corporate Responsibility (CR) Report. Stay tuned for updates on or CR progress, including:

    • How we’re supporting the UN Sustainable Development Goals;
    • Highlights of our efforts to grow and support a diverse cyber security workforce by educating one million students in STEM;
    • Progress towards our goal of reducing our Greenhouse gas (GHG) emissions by 30 percent by 2025;
    • Our robust commitment to community impact, including our volunteering efforts, partnerships with nonprofits around the globe, and our product donation program.

    0 0

    Publish to Facebook: 
    Twitter カードのスタイル: 

    One of the ongoing discussion points about the healthcare industry’s acceptance of the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) has centered on the difference between a framework and compliance.

    After all, healthcare organizations already follow a number of regulations, most notably the Health Insurance Portability and Accountability Act of 1996, better known as HIPAA. During Symantec’s most recent webinar for the series, “Demystifying the NIST CSF for Healthcare,” Axel Wirth compared the CSF with HIPAA.

    “HIPAA defines the what, but not the how,” he said. “Think of HIPAA as what you need to accomplish, but not how you get there.”

    As any successful cybersecurity professional will tell you – the devil is in the details. An organization could be deemed “successful” if they’ve avoided a large data breach, but that doesn’t mean their systems meet proper benchmarks. Instead, healthcare organizations should use the NIST CSF as the roadmap to creating a more risk-adverse enterprise.

    That is true for the DETECT function of the NIST CSF, which was the main subject of our most recent webinar. The DETECT function looks at three main areas:

    • Anomalies and events
    • Continuous monitoring
    • Detection processes

    The goal of this function is to be able to tell when events happen, as well as to gain insights into them. For detecting anomalies and events, the DETECT function helps organizations gauge how they can understand their attack targets, the overall impact of an event and if they have established alert thresholds.

    Continuous monitoring has become one of the most effective cybersecurity practices. The DETECT function of the NIST CSF looks at how individual networks are monitored, including the personnel activity and the physical environment the data is hosted in, along with things like new malicious code and even potential cybersecurity events. The detection processes focus on the governance structure in place to make sure the processes are well defined, comply with all requirements and are tested for accuracy.

    The NIST CSF comes down to looking at where an organization is, where they want to be, what gaps currently exist and what needs to be done to fix them. It is a great mechanism to identify an organization’s security baseline and provides a path to ensure steps are taken to strengthen the security posture. When dealing with personal patient information, this is of utmost importance to the healthcare community.

    To view the webinar in its entirety, click here. And join us on September 12 for the next webinar in our series as we’ll explore the RESPOND function of the NIST CSF, including what tools and processes healthcare organizations need in order to minimize impact during a cyber incident.

    0 0

    Publish to Facebook: 
    Twitter カードのスタイル: 

    President Trump has requested $228 million from Congress for an information technology modernization fund that agencies could use to upgrade high-priority legacy systems. The idea builds off a similar plan from the last year of the Obama administration, but takes a more cautious approach.

    The Obama plan called for a more aggressive spend, requesting more than $3 billion per year. The Trump administration plan takes a more “wait and see” approach, using the $228 million as essentially a pilot program to see how such a fund would work.

    “We understand that $228 million is obviously small in proportion to the $90 billion we spend each year on technology, but given the central board will have a bird’s eye view on agency needs, it will fund the highest priorities,” an Office of Management and Budget (OMB) official told Federal News Radio in May.

    The fund is a step in the right direction if it can make it through Congress. There is no shortage of stories from government agencies running mission-critical programs on legacy systems – some more than 40 years old. The Trump administration sees the need to fix these, so even though the plan calls for less funding than originally hoped, it could be the start of a major breakthrough. This funding – and focus – can also help to lock-down these systems.

    Building-in Security

    Legacy systems bring with them a host of challenges. They are expensive to operate, can be difficult to find people knowledgeable with how to use them and the systems themselves cannot communicate easily with modern technology. These are all important, but more than anything else, legacy systems lack security.

    As federal agencies use the new modernization fund to bring older systems up-to-speed, they need to keep the security component top of mind. Security needs to be built into these systems from the beginning. Too often federal agencies have fallen into the trap of finding a system that fills a need and trying to bolt-on products in an attempt to secure it later. This leads to larger problems down the road and results in significantly more complex environments – as well as much higher costs over the life of the system.

    The right system for any agency must first be secure. The security program needs to provide low levels of risk, meet compliance and framework standards and be able to communicate/integrate with other tools and technologies.

    In a way, legacy systems have taken the eyes away from government technology leaders by limiting their visibility into the system itself. In order to be effective, federal technology leaders need this visibility into the security of their systems. Modern systems can offer this capability, but only if constructed correctly, from the ground up, as agencies deliver on their modernization efforts.

    It is wonderful that the administration will provide a way for federal agencies to begin improving legacy systems. Now it is up to the agencies to make sure the modern systems that are brought in fix the problems legacy systems created in the first place, including security vulnerabilities and a lack of agency control.

    Stay tuned for future content on this blog around how agencies can modernize their security programs as they modernize their legacy environments.

    0 0

    8 月には、マルウェアとスパムの比率が上昇し、新しいフィッシングについて IRS から警告が発令されました。


    0 0
  • 09/10/17--23:05: 2017年8月最新情报
  • 八月份,恶意软件数量和垃圾邮件比例均有上升,美国国税局发出新的网络钓鱼警告


    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    As CIO for the Williams Group, I think a lot about how to secure our information and intellectual property – and we clearly generate a ton of it.

    During a typical race weekend, our Formula One team generates about 60 gigabytes of telemetry and 80 gigabytes of additional data, delivering a total of 140 GB that requires analysis in order to determine each critical decision made throughout each practice session, qualifying, and the race on Sunday.

    That’s just the half of it.

    Throughout qualifying and races, our team also needs to relay that massive amount of data back to our UK headquarters in real time for analysis. All the while, our engineers working in the race pits are accessing streams of information on their laptops to make on-the-spot recommendations on the timing of pit-stops, making fractional front and rear-wing adjustments, and to constantly tune vehicle performance.

    So when I say that our company thrives on its intellectual property, this is far beyond being a business truism: IP is our organization’s lifeblood and it’s behind our success winning 16 Formula One championships.

    As we’ve digitized our operations, we now face escalating threats from cyber criminals. Each year, attackers show increased sophistication and skill in changing up their tactics. We know there’s a steep price to pay for failure. If any malicious outsiders were to get their hands on our car designs or any other of our IP, it would put Williams’ competitive advantage at dire risk.

    A breach would also risk dealing a blow to our reputation for safeguarding the closely-held secrets of partners and customers who regularly share their intellectual property with us. In addition to our own Formula One race car division, Williams Advanced Engineering group also works with a range of other industries.  

    For instance, we partnered with Jaguar Land Rover to produce the Jaguar C-X75. Film-goers may recognize it as the vehicle used by one of the bad guys in the film, `Spectre,’ chasing James Bond through the streets of Rome. We also do work in aerospace, medical sciences, defense and a range of other industries where partners rely on us to maintain a safe and secure supply chain and meet strict security requirements governing the handling of their most valuable information. 

    Keeping Users Secure

    I often get asked what keeps me up at night. There's only one thing I really worry about: Losing data. It’s what I hate the most.

    That job has become increasingly fraught given the multiplicity of digital endpoints that we now need to protect, and exacerbated by the fact that our teams are frequently on the road, where they connect via mobile devices in order to access Williams’ intellectual property. Roughly 60% of our workforce regularly now works away from the home office and they need to be able to download data safely from anywhere in the world.  

    Given the different types of data and intellectual property we’re regularly involved with, we put a premium on finding a way to ensure that our users remain secure, no matter where they work and no matter what networks they use.  

    In the past, we only had antivirus to protect the endpoints. There was no intrusion prevention or detection system at all. So last year, we partnered with Symantec to help us deal with these myriad endpoint security needs and fill the gaps in our network defense.

    Symantec’s breadth of intrusion prevention and detection technology made an immediate impact. Our first race of the 2016 season marked the first time that we had endpoints that I felt were fully protected. With Symantec Endpoint Protection and Endpoint Encryption, which were deployed at the same time, everyone on our team who went to Australia for that race had fully protected endpoints they could trust.

    Endpoint protection involves a lot more than just loading antivirus onto our systems. Here’s an example:

    One of our laptops was stolen during the Italian Grand Prix at Monza in September 2016. In the past, we would have had to escalate that kind of incident to the boardroom since the theft of data kept on those machines could potentially compromise our IP. Not this time. Symantec’s technology completely enveloped all the data stored on the stolen device in the protective shield. The thieves had one of our machines in their possession, but they had no way to access what was inside. Symantec’s endpoint protection technology had made it impossible for outsiders to access any of our information.  

    We’ve also extended Symantec Endpoint Protection to safeguard our virtual machines and cloud, where a lot of our intellectual property gets stored. That came in handy when attackers subsequently tried to hack into our cloud. Symantec Endpoint Protection detected the attempt and sent out an alert. The upshot: We foiled their attempt to access our data, bring down our systems or use them as bots, which is probably what they were trying to do.

    The partnership with Symantec has translated into a vastly improved risk management posture–which further enhances our reputation and enables us to give customers and partners even more confidence in our ability to protect their IP. Symantec has equipped Williams with the necessary tools and technology so that we can turn to our customers and assure them that, "Your data is safe with us."

    Learn more about how Symantec protects Williams on our dedicated microsite.

    0 0

    Machine Learning Automatically Interprets Cloud App Traffic
    Publish to Facebook: 

    As departments adopt more cloud services to perform business critical activities, the Symantec cloud team is working hard to help IT organizations quickly extend their cloud monitoring and control capabilities to protect more cloud services.

    SuccessFactors, Google Hangouts, and Facebook Workplace are among the many new and enhanced services supported by CloudSOC to help organizations monitor and secure data and accounts in the cloud.  The CloudSOC data science team recently deployed a new machine learning system that can automatically learn to read cloud app traffic. Within weeks of being deployed, this new system has already added granular activity monitoring and control for over 30 new cloud apps to the CASB Gateway.

    The data science core in CloudSOC helps IT departments secure a constantly changing, vast landscape of cloud territory, providing intelligence to address cloud challenges, such as:  

    ●Cloud providers update and change their services without warning.

    ●End users regularly adopt new cloud apps without notifying IT.

    ●End users control what content they choose to upload and share—often without fully understanding the risks associated with what they do.

    ●Third parties opportunistically uncover confidential company data accidentally shared with the public.

    ●Cyber criminals target cloud accounts to access data, spread malware, or exfiltrate data.

    Organizations need deep visibility into real-time traffic, not just what apps users are accessing, but also what exactly users are doing with a cloud app. Getting to this level of granular and contextual knowledge is difficult. It requires a system with the ability to read the real meaning in volumes of traffic that uses obscure machine language identifiers to communicate with disparate systems. Additionally, this system must be adaptive, able to use a foundation of knowledge based on a continually learning system because these machine language identifiers can be changed without notice or documentation at any time by 3rd party cloud service development teams.

    One of the ways CloudSOC tracks transactions with cloud apps (sanctioned and unsanctioned platforms, corporate and personal accounts) is through an inline gateway. The CloudSOC CASB Gateway relies on an artificial intelligence engine called StreamIQ to read the machine language in real time to identify and control risky behavior and confidential content between end users and cloud apps.   The CloudSOC data science team leverages the horsepower of cloud computing and both supervised and unsupervised machine learning to create StreamIQ. This intelligence system drives accurate and deep activity tracking for a broad and continually increasing range of cloud apps. StreamIQ intelligence also enables CloudSOC to detect more threats such as malicious insiders and abnormal behavior, enforce protection with a more granular level of control, and investigate security incidents more effectively.

    The latest enhancements to StreamIQ accelerate CloudSOC’s ability to learn to read new cloud service machine languages. After only one month of deployment, CloudSOC has already added granular visibility and control for more than 30 new apps. The CloudSOC CASB Gateway can monitor and enforce granular security controls on sanctioned and unsanctioned cloud apps and with the powerful StreamIQ system, it can easily learn new apps as they become important to our customers.     

    Learn more about CloudSOC here

    Click to Tweet: 
    Symantec CloudSOC Adds 33 New Cloud Apps including SuccessFactors #CASB #CloudSOC #SuccessFactors #Symantec
    Symantec CloudSOC CASB machine learning automatically interprets cloud app traffic #CASB #CloudSOC #Symantec

    0 0

    Disaster Response Policy helps Symantec act quickly when natural disasters occur
    Publish to Facebook: 

    The world has experienced a number of catastrophic weather events in recent weeks. We’ve seen the images of the destruction caused by recent hurricanes Harvey and Irma, and the devastating impact on the people of Texas, Florida, Belize, Nicaragua, Honduras, Cuba, and many islands in the Caribean. In South Asia, monsoon season has been unusually harsh and the resulting floods across India, Bangladesh, and Nepal have claimed the lives of 1,200 people to date.

    Being a good corporate citizen is core to our company culture and each time a natural disaster occurs, our Corporate Responsibility (CR) team needs to decide how to respond – and must act quickly. Symantec has a formalized Disaster Response Policy to help us best respond to situations that necessitate external assistance. Our pre-determined and agreed upon approach allows our CR team to work quickly to put our response plan in place.

    Each disaster is evaluated on a case-by-case basis using a disaster response scorecard. We place an emphasis on those that occur close to one of our offices or those that impact our employees. We also look at the total number of people affected by a disaster and the financial impact expected to the government and affected communities. We keep close tabs on how our peers and similarly sized corporations are responding, as well as employee sentiment generated from the event.

    This process guides our CR team, and our goal is to respond within 72 hours, as we know early financial donations help provide food, water, and other desperately needed supplies. We have pre-vetted several national and global nonprofit partners, including CARE International, UNICEF and the Red Cross, and research locally focused relief organizations where appropriate.

    Once the scorecard is completed, a process flowchart helps our team respond. For all disasters that meet an aspect of our scorecard criteria, we monitor the situation through participation in U.S. Chamber of Commerce Business Civic Leadership Center calls, Red Cross email notifications, general media resources, and other nonprofit partner communications.

    For all incidents that score five points or higher we post nonprofit information on our disaster response intranet and leverage our employee matching gift program. We match employee donations 1:1, up to $1,000 per year. For events that score more than ten points, we work with our Steering committee, the Senior Site Executive in the region, and our Communications, Human Resources, and Business Continuity Management teams, to determine the best course of action. We often consider at 2:1 employee match and provide employee assistance program information where appropriate.

    We typically make financial donations for disasters that score twenty points or more. For example, we offered financial support to relief efforts after Hurricane Harvey through our Disaster Response Strategy. As a company, Symantec made a donation of $25,000 to Team Rubicon, a nonprofit organization headquartered in Dallas, Texas, that mobilized military veterans with first responders to rapidly deploy emergency response teams to the flooded areas.

    Finally, we look for ways our software products and services can be of value. With any hurricane, monsoon, or event that occurs, we of course think first about the people impacted. Having our Disaster Policy in place allows us to help where, and as much as, we can, as quickly as possible. 

    0 0

    Local Green Team supports Symantec's goal to reduce GHG emissions by 2025
    Publish to Facebook: 

    It started with a mug. The Cape Town, South Africa office connected with Symantec’s Green Team in 2015 when Symantec launched the "One Mug, One Planet" campaign to help reduce paper cup usage across operations by 15 percent. Inspired to minimize their impacts both inside and outside the office, the Cape Town office joined the campaign, making a commitment to use a reusable mug every day.

    Two years later, Cape Town has it’s own four-person Green Team, including Wade Corin, Director, Inside Sales; Shieraaz Williams, Facilities Manager; Pia De Freitas, Associate Manager, Inside Sales; and Clarissa De Agrela, Inside Sales / Site Coordinator. Working hand-in-hand with the Employee Resource Groups (ERG), including Community Relations (CR) Committee, Events Committee, Intramural Sports Committee, and Symantec Women’s Action Network (SWAN) they support one another and help drive a certain culture within their location.

    Cape Town’s Green Team is focused on making a difference both in the office and within their local communities. With events held at least quarterly ranging from beach clean-ups to building vegetable gardens in low-income communities, the Cape Town Green Team is quite active. The group also organizes events to educate local youths on topics like Cyber Security and Greenhouse Gases and works to inspire these children and teenagers, showing them how they can make a difference in their own communities.

    The CR and SWAN committees drove the Veggie Garden Initiative in two of Cape Town’s in-need communities to support the local people living there and help teach them how to grow crops. The volunteer team, led by Natalie George, Yondela Nyongo, and Leeanne De Wit, cleaned up lots, built greenhouses, and planted vegetables, including spinach at three different garden events.

    For Shieraaz and Clarissa, joining the Green Team was a chance to not only make a difference in their communities, but to reduce our global carbon footprint. “I chose to join the Green Team as I feel that it is important to understand not only the Greenhouse gas (GHG) effect, but also how we as a Company can make changes, whether they be large or small, to have a positive effect and contribute to the survival of life on earth,” said Clarissa.

    In addition to working to help underprivileged communities, Symantec’s Green Team helps support our goal to reduce GHG emissions by thirty percent in ten years (FY15-FY25). In the office, the Green Team supports the local facilities team with identifying cost-cutting and energy reduction initiatives, using lasted technologies to help reduce the energy and carbon footprint. Due to these efforts, over the last two years, the Cape Town office has introduced energy-saving controlled lighting, and is now going a step further with LED lighting solutions to reduce energy even further. The team has also adjusted the HVAC to switch off during none office hours and weekends, and all water coolers are now timer controlled.

    On Mandela Day, Symantec’s Cape Town office volunteered with animal welfare charity, FALLEN ANGELS, and spent time caring for dogs at the rescue center.

    If you’re wondering about the first mug that started it all, after the success of "One Mug, One Planet", the Cape Town office has stopped using foam cups entirely. Symantec mugs and glassware are offered throughout the office helping the team reduce their waste and carbon footprint.

    Cape Town’s Green Team and ERGs will continue to work together to educate and bring awareness to the importance of reducing GHGs and making a difference in the world we live in today. Green Team member Wade Corin knows the importance of leading by example, saying, “Being socially responsible is everyone’s responsibility – If you are not willing to do it, how can you ask others?” As such, the office looks forward to participating in the second annual Global Service Week (GSW), October 9–15, 2017 and hopes you will too. In Cape Town, GSW will include volunteering with SolarBuddy, whose goal is to end the devastating cycle of energy poverty for marginalized communities across the world. Cape Town’s volunteers will build solar light bulbs, giving the gift of light to dozens of children living in energy poverty. They hope you will be inspired to share your gifts in-person or virtually this GSW.

    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    For more than a decade the National Association of State Chief Information Officers, better known as NASCIO, has polled its members to learn their priorities at that given point in time. It comes as little surprise that information security has made the published top 10 each year, but in recent years the subject has had a strangle hold on the top spot.

    This past November security and risk management topped the list of state CIO priorities. It was the same the year before and will likely be the same next year. The reasoning is simple: like their colleagues in the federal government – not to mention the private, education and healthcare sectors – nothing is more important than information security for state technology leaders.

    That is a running theme throughout the NASCIO list. State technology leaders want to increase their use of cloud services, modernize legacy systems and further leverage data management and analytics solutions. All of these initiatives require a robust security infrastructure to be successful.

    The Path Forward

    The cybersecurity maturity of state government agencies varies from state to state. Some states already have robust security systems in place and are focused more on integrating new tools, while others might house more risk than they are comfortable with.

    The best first step for any state government is to use the National Institute of Standards and Technology’s Cybersecurity Framework (NIST CSF) to create a risk management plan. The NIST CSF will allow state governments to determine the gaps in their security coverage and prioritize their exposure. By using the NIST CSF, state governments can gain a full view of their enterprise and allocate future resources to the most sensitive of areas.

    For fixing these gaps state governments should look to improve their overall security infrastructure, opposed to finding a technology to one specific blind spot. By simply plugging in different cybersecurity solutions, state governments risk creating silos filled with further security gaps. State governments need end-to-end security solutions that protect data wherever it resides. Solutions that are built to integrate together as well as with existing technologies.

    By pursuing a multi-layered approach that aligns perfectly with the NIST CSF, state agencies will have confidence that their cybersecurity program is, and will remain, effective.

    The NASCIO survey shows that state governments take security seriously – it is wonderful to see that security remains a top priority. The challenge will be for state governments to fix security holes in an efficient and effective way that does not create future problems. By laying a baseline through the NIST CSF and then factoring in an integrated defense platform, state government information and assets will be well more protected.

    We are going to be looking at key cyber priorities coming out of NASCIO as well as other emerging trends in the state and local market, while providing some commentary and recommendations. Stay tuned for additional blogs in this series.

    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    The new BlueBorne ( vulnerability should scare the security community because it is a non-traditional attack vector not addressed by conventional security solutions. Fortunately Symantec customers, Symantec Endpoint Protection Mobile (SEP Mobile) is not a conventional solution and is agnostic to the attack vector.

    Bluetooth was once considered quite secure due to years of implementation peer review from researchers. Unfortunately, in the last ten years researchers turned their eyes elsewhere. During those ten years Bluetooth has been implemented in a plethora of new devices, operating systems, and frameworks. As a result, implementations have apparently lost some of that initial security focus, and vulnerabilities have unfortunately flown under the radar for too long.

    Enter BlueBorne, leveraging a newly discovered attack vector that puts an estimated eight billion worldwide devices – mobile, desktop, and IoT - with Bluetooth at risk of infection. BlueBorne exposes an extremely potent new attack vector that attackers will seek to leverage widely, mostly as a result of a few key traits:

    First, people’s systems almost always have Bluetooth turned on. And, perhaps unbeknownst to most, Bluetooth is always scanning the airwaves for devices looking to connect (even if you’ve never paired with them before). This means that BlueBorne is quite literally spreading through the airwaves undetected.

    Second, adding to its contagiousness is the fact that BlueBorne (via Bluetooth) is compatible with basically any/all software versions and doesn’t require any specific conditions beyond an active Bluetooth. It also doesn’t require any user interaction to infect the device.

    Third, once BlueBorne finds a device via Bluetooth, it can analyze the MAC address to determine the device’s operating system. Then it can deliver a payload tailored to that operating system. This makes it extremely adaptable.

    And, finally, as if being highly contagious and adaptable wasn’t enough, Bluetooth also has inherently high administrative permissions on devices. This means that when a device is infected, the attacker has virtually full control over the device and can accomplish any number of potent actions which include, but aren’t limited to, man-in-the-middle attacks and remote code execution.

    All in all, this is a nasty new threat vector that existing security solutions aren’t looking for. It can spread quickly, easily, stealthily, and lethally. And it will, of course, take time for Bluetooth to be patched across all eight billion devices. This will all make BlueBorne an extremely attractive medium for attackers for some time.

    How does it work?

    BlueBorne consists of 4 vulnerabilities affecting Android devices: One is an information leak vulnerability which helps to facilitate the next ones; two are vulnerabilities that allow remote code execution (RCE) as the Android Bluetooth user; the last one allows creating a network interface that device traffic will be routed through, similar to a man-in-the-middle (MiTM) hotspot.

    So, is there any good news? Yes, actually, there is! First, these vulnerabilities were patched in the Android OS in the security patch of September 2017, and Apple patched it in iOS 10. So, anyone can now update their operating system to protect themselves from this threat. Yet not everyone can or will, and what about protecting your device from these types of threats before they are disclosed and patched? That’s where SEP Mobile shines.

    Although most security solutions probably can’t stop BlueBorne from infecting a device today, SEP Mobile still has mechanisms to render it harmless by defeating the payload itself. SEP Mobile has several ways to handle this. Among other detections, SEP Mobile uses an advanced Indicators of Compromise (IoC) engine on every mobile device it monitors to identify exploits that are being used to gain control over the device in real time. This engine uses deep knowledge of each device system, how it should look and behave, and how proper apps and processes are supposed to interact with it. So, as soon as BlueBorne attempts to infiltrate a mobile device protected by SEP Mobile, we would flag that as malicious activity and activate the appropriate protections to keep the device and sensitive data safe. Other detections will alert and automatically protect if an attacker attempts to achieve network MiTM, regardless of the exploit. SEP Mobile now also explicitly alerts for systems that are vulnerable to CVE-2017-0783.

    Many of the methods used by SEP Mobile for predicting and detecting mobile threats are agnostic to the method, or vector, of the attack. It means that we don’t have to know (or try to predict) the signature of every threat or attack vector in existence. We can instead focus on stopping the malicious activities they will attempt. This is the beauty of a future-proofed mobile threat defense solution.

    In addition to being able to stop malicious payloads using this Bluetooth vulnerability, Symantec will continue to protect our customers’ mobile devices from many other exploits that are as of yet unknown. It should still give businesses peace of mind that their end user’s mobile devices will remain safe from today’s attacks, as well as those that will appear tomorrow.

    What to do now

    Always be sure to update your mobile device to the latest security patch as soon as possible. If you’d like to learn more about how SEP Mobile can protect your enterprise’s mobile devices, be sure to visit our website or drop us a line.

    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    A few years ago, most businesses would have been right to wonder whether their digital work processes would ever be as easy to use as Facebook. But cloud technology has come a long way in a short time. 

    Cloud services are transforming internal business workloads and processes of countless companies and whole industries like retail, transportation, and even manufacturing. Organizations are able to choose among a variety of intuitive, cloud-based services to find the best fit.   

    The shared, on-demand nature of cloud computing also means that enterprises need to plan for a host of new security challenges. Fortunately, Symantec and other companies can help with products such as ProxySG, "ProxySG-as-a-Service" in the Cloud (officially  known asWeb Security Service, (or WSS),Cloud Access Security Brokers, and the single-sign-on features of our own Validation & Identity Protection service Access Manager.   

    However, we're always reaching for more. That's why the Research Lab continued tackling new challenges like insider threat detection, micro-segmentation, and micro-services, all from the perspective of the cloud. 

    Indeed, going back over adecade, we did some of the earliest work in the industry on constructs like “containers.” More recently, we published on “Security-as-a-Service for Microservices-Based Cloud Applications,” to guide administrators as they implemented permission controls around the “principle of least privilege” policy enforcement for containers. 

    The Research Lab has also applied machine learning to protect cloud-based services and combat insider threats. In fact, our first trial deployment, working with a company employing more than ten thousand cloud users, helped catch real insiders who were abusing the system.

    A Personal Kind of Cloud Security

    However, when I mull the future of security and the cloud, I see even bigger potential. Think about security delivered “from the cloud” as an always-on service, protecting users everywhere they go. 

    Let me offer an analogy. 

    The Internet surrounds us nearly everywhere we go. We’ve come to expect wireless and constant connections, anywhere, anytime. In similar fashion, security should envelop us wherever we go. 

    I like to envision it as an invisible body of armor, one that moves with us like a summer shirt, but more bulletproof than Kevlar, titanium or carbon fiber all combined. 

    Personal VPNs offer a bit of the “always on” protection that I’m describing. They ensure that computing devices are always connected to a safe data center, protected by a strongly encrypted pipe that lets you securely transmit communications, protected against any eavesdroppers who might be lurking. 

    That’s just a first step. With so many websites getting hacked, how can even you be sure that the websites you visit aren’t attacking you “through” that pipe? That’s where cloud-based services like WSS and Fireglass help.  

    Such services can detect and block such attacks in real-time, including some never seen before. 

    Given the countless mobile devices now part of the growing Internet of Things are truly “cloud-driven” things, building such powerful and flexible security into mobile devices is a crucial step. That’s why Symantec Labs was eager to help Symantec becomeamong the firstto leverage theARM TrustZone technology that’s now built into billions of mobile devices.  

    It also explains why we’re stillhelping drive newstandards for such authentication, safely and securely connecting people to their information in the cloud, perhaps evenfinally killing passwords in the process.  

    What’s more, it’s also part of the reason we are so excited about our more recent acquisition ofSkycure, which makes a predictive threat detection platform for mobile devices.

    This is an idea that can’t come to fruition fast enough. Consider, for example, the practice of merchants and ad-networks invading our privacy to profile everyone. 

    Meanwhile, some governments are going so far as toattack our smartphones to gather information about the political leanings of their citizenry and unmask the anonymity of dissidents protesting against repressive regimes. 

    If ever there was a time we could use the powerful and flexible armor that I’m talking about, it’s now. Both for individuals as well as for organizations. My hope is that this kind of security will be delivered from the cloud. 

    And soon. 

    We’re working hard on that.

    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    Speaking today before an audience at the Center for Cyber & Homeland Security (CCHS) at the George Washington University in D.C., Symantec CEO Greg Clark shared his perspectives and recommendations for strengthening America’s cyber defense. 

    More specifically, Clark addressed the defects in today’s model, whereby cyber criminals and malicious Nation States can easily discover which security products the U.S. government has purchased, then buy those very same products in order to study how to exploit them in cyberattacks. 

    Clark proposed the government work with trusted partners to develop mission-specific, custom security products that are protected from discovery and scrutiny by bad actors. In addition, Clark called for a major security research and development effort that would strengthen America’s cyber defenses while spurring innovations that also will benefit the private sector and society-at-large. 

    Clark outlined his recommendations today in an op-ed on You can read the full text here.

    0 0
  • 09/20/17--12:36: HOLA is For All of Us
  • Symantec celebrates Hispanic culture and National Hispanic Heritage Month
    Publish to Facebook: 

    By Martina de la Torre, Director, Global Trade Compliance at Symantec

    ​In an increasingly connected world, cultivating a diverse and inclusive community that welcomes people from all cultures is critical to running a successful business. When people feel comfortable speaking up there is more collaboration and innovation, faster solutions and delivery of our projects — and it is easier to implement change. We believe that when you give people equal opportunity, amazing things happen. That’s why Symantec has set a 2020 goal to increase the percentage of underrepresented minorities in the United States by 15 percent.

    But as a Hispanic woman in tech, I know our industry still has a lot of work to do when it comes to welcoming people from diverse communities. While the Hispanic population in the United States has reached 57 million[1]— making it the second largest population in the nation and the largest ethnic group — we hold only 7 percent of technology jobs. And despite Hispanics being considered some of the savviest and most frequent technology users, only 8 percent of computer science and engineering graduates are Hispanic, and of those only 12 percent go into technology jobs.

    This also means that Hispanics are missing out on economic opportunities. Jobs in computer sciences, including cyber security, cloud computing and mobile networks are growing 21 percent faster than the average for all occupations, according to the Bureau of Labor Statistics. And the tech industry is also missing out — on the skills and unique perspectives of the Hispanic community.

    Above: This August, HOLA’s work included hosting the Hispanic Foundation of Silicon Valley (HFSV), including Ron Gonzales, President and CEO of HFSV and former Mayor of San Jose (center, blue blazer). Cecily Joseph, Symantec’s VP of Corporate Responsibility, standing to the right of Ron, also attended the event.

    This August, HOLA’s work included hosting the Hispanic Foundation of Silicon Valley (HFSV), including Ron Gonzales, President and CEO of HFSV and former Mayor of San Jose (center, blue blazer). Cecily Joseph, Symantec’s VP of Corporate Responsibility, standing to the right of Ron, also attended the event.

    National Hispanic Heritage Month, which begins September 15, marks the anniversary of independence of five Latin American countries: Costa Rica, El Salvador, Guatemala, Honduras, and Nicaragua. Mexico and Chile celebrate their independence in September, the 16th and the 18th respectively. This special month reminds us both of the progress we’ve made to foster a more diverse and inclusive community here at Symantec, and the work that lies ahead.

    A network dedicated to Latino culture

    In 2009, Symantec founded the Hispanic Outreach, Leadership & Advancement group (HOLA), which represents our Employee Resource Group (ERG) for Latinos. What started as a series of events organized around Hispanic Heritage Month has evolved into a community that supports Hispanic employees in professional development as well as exposes other employees to the diverse Hispanic culture.

    Our primary goal is to engage internal and external stakeholders via our shared Hispanic culture. We’ve done this through a variety of initiatives, including a Professional Networking event, Internet safety programs at local schools and a Hispanic Heritage event.

    HOLA’s Hispanic Heritage event

    Closing the diversity gap in cyber security

    With my own children, nieces and nephews, I’ve seen first-hand a lack of opportunities to help them prepare for their careers. They do not have opportunities for internships, do not have mentors, and do not have networks to get interviews. Silicon Valley is a competitive place and our local youth have to compete with global talent. I want to see our youth grow up in an inclusive environment that nurtures diversity so that they will be able to realize their dreams and compete in our global economy.

    In recognition of the reality that children often are inspired by a particular potential career path at a young age, HOLA invites children from local schools to demonstrate to students the value of science and math and the opportunities such education affords.

    Students from underserved areas come to Symantec to see what it's like to work in a tech or computer science career. We give them a tour of our offices, schedule workshops — the recording studio always is very popular — pair them with Hispanic employees at Symantec for lunch and expose them to many roles and professional opportunities. The children benefit from seeing our employees, who may look like them, which we hope will leave a lasting impression. It’s our hope that such an experience can spark a lifetime of interest in STEM education and working in technology, and to reinforce that education is key; it’s the way forward.

    The HOLA ERG at Symantec.

    HOLA is for all of us

    You don’t have to be Hispanic to join HOLA — everyone is welcome. We encourage employees of all backgrounds to join. In May, HOLA members participated in the 2017 Silicon Valley Latino Leadership Summit. Most recently, on August 10, we hosted an event for the Hispanic Foundation of Silicon Valley (HFSV). On October 5th we will celebrate Hispanic Heritage Month in Mountain View through a special event offering Hispanic desserts, music, and art.

    With operations in more than 35 countries, Symantec is a truly global company, with a diverse workforce and customer base. To us, diversity is more than just race, gender and ethnicity — it’s also about creating a workforce that embraces every culture, language, age, sexual orientation, disability, background and experience. Giving a voice to those differences is how we define inclusion. We know this is good for our team dynamics, and good for our business.

    [1] Krogstad, Jens Manuel, “10 facts for National Hispanic Heritage Month,” September 15, 2016

    0 0

    Background Image on Blogs "Quilted" Page: 
    Publish to Facebook: 
    Twitter カードのスタイル: 

    Mankind has undergone a massive transformation over the last couple of millennia, yet for much of humanity, 10 simple rules handed down from on high are still pretty effective at producing worthy citizens and a civilized society. 

    This got me wondering if we could find Ten Commandments for data protection, and this is what I explore in this blog.

    As organizations continue to evolve through their own digital transformations, data security has become more complex. Good custodians of data are starting to integrate a number of elements in place to keep it safe. Excellent custodians of data are going even further and putting in place integrated systems that bring together technology, process and human behavior.  So here are my 10 Commandments of Data Protection:

    1. Know your data

      If you can’t define what data is sensitive, then obviously you won’t be able to protect it! Ensuring you can identify all your sensitive data is achieved using the best that people and technology can offer. Certain data are easily defined, so technologies such as Data Loss Prevention or Cloud Access Security Brokers (CASB) do a great job of finding it - at rest, in motion or in the cloud. However, true enlightenment comes when you bring the power of people into the mix. Allow your data owners to also tag sensitive data and you have a complete way to classify data across its entire lifespan.

    2. Protect what’s rightfully yours - consistently

      Now that you have a comprehensive view of your sensitive data, make sure it’s kept safe. The best way to do this?  Encryption. Using data classification to determine the need for protection allows you to consistently apply the appropriate protection based on the level of sensitivity, saving you from “re-inventing the wheel” every time.

    3. Provide omnipresent protection

      Things are not always black and white so how can you apply protection in shades of grey? For example, it might be OK for someone to open a document, and even for them to edit it, but not to print a hard copy. Take encryption to the next level and incorporate Digital Rights Management to give you better flexibility and control.

    4. Give your cloud a silver lining

      The cloud represents the best, and worst, in humanity.  It allows open collaboration and individuals to demonstrate the generosity of human spirit.  But this generosity can lead to data being overly shared, and that’s where trust can be eroded. There is a better way. Protection that follows the data – even into the cloud - ensures that wherever, and with whomever data resides, a generous spirit can always a good thing.

    5. Don’t let just anyone unlock your secrets

      A decryption key, in the wrong hands, can be dangerous. How can you control who can access your data? Well, instead of just relying on the decryption key, why not embed a user’s identity into the process. And, if you add the third dimension of multi-factor authentication, you can be really confident that when a user opens a document, it really is them and not an imposter. This is how you start to reduce the risk of account takeovers.

    6. Keep an eye on your flock

      Just as a good shepherd has the ability to watch over his flock, you can keep an eye on all your data users – especially when they are not part of your organization and located on the other side of the world. 

      As users authenticate to access a document, you have a means of watching who is accessing what, from where. You can encourage good behaviors, and intervene before anyone strays too far from the right path. Help your users to respect sensitive data, and you’re well on the way to full protection.

    7. Control at the data level, for protection everywhere

      You no longer need to fear the unknown. Even if data has been scattered to the four winds, and is stored multiple times in the cloud, on a plethora of devices, across multiple countries and users, information centric security keeps it safe. For example, using identity-based authorization at the data level keeps you fully in control. You know that only the right people have access, and you can step up (or down) security by being context aware.  For example, if users are accessing data remotely, on unmanaged devices you would ask for additional levels of authentication.

    8. Develop the ability to revoke access to the data anytime

      What happens when people move on, take a new role or outside vendors change? Can you take back what you’ve given them? Well, now you have the ability to track who is accessing what data, you can see when data is at risk of abuse. By using a cloud-hosted service that can both track and control access for users from inside and outside your organization, you have a system that delivers “actionable intelligence.” 

      If a user starts acting out of character (think along the lines of how credit card companies monitor for anomalous spending behavior to detect fraud), or no longer has a legitimate reason to hold that data, then you can limit or even remove their access. So while you can’t remotely delete a document (we haven’t yet found a way to deliver that miracle!), you can make that document unreadable by effectively locking it, and throwing away the key!

    9. Manage just the data that matters

      Here is the interesting conundrum. Not only do we have more data to protect, but the way we protect data creates even more data! A data squared problem! How are we meant to monitor every single piece of sensitive data, understand whether it’s moving to the cloud or has been accessed by mobile users and devices. It’s impossible, so we need to focus on the alerts that really matter – but how do we know that?

      Take this example: If your systems are set to protect sensitive data that leaves the organization, then this is safe and you do not need to do anything. But if your data protection systems work in isolation, they may generate multiple events, and that can quickly overwhelm your team.

      The intelligent integration of data protection systems solves this problem. We imagine a world where a Data Operations Center is established that collates information from various systems (e.g. DLP, CASB, information centric encryption, authentication etc.) to help you act on the events that matter, helping you separate the wheat from the chaff.

    10. Make threat protection personal

      Account takeover is a big problem, when a legitimate account is being controlled by a malicious actor then you have problems – your security systems can be easily bypassed because the attacker now has the key to your front door. 

      Monitoring not just who is accessing your data, but how they access it unlocks tremendous insight. Being able to mine the data in your Data Operations Center and correlate it with user behavioral analytics will show where your risk lies. Not only can you find user accounts that may have been compromised, but also well-meaning users who are inadvertently putting your data at risk. The key -- being able to act on this information quickly to contain the risk and even stop a breach before it happens. 

      Information Centric Security

      By following these 10 Commandments you take data protection to a higher plane. You get the best of technology and people, and allow people to share, support and encourage each other, while eliminating some major risk areas. We have based our whole information centric security approach around these tenets to ensure that you don’t stop the flow of information, but you have the power to control over with whom and how it is shared, allowing you to maintain both visibility AND control, even with outside users.  Protection can be dynamic as you can revoke access over time. We don’t want to flood you with data, so we use telemetry to rise above the flood and help you protect what matters, and smart analytics ensure you can take fast and decisive action before, or just after a breach occurs.

      So, to recap, the data protection 10 commandments are:

      1. Know your data

      2. Protect what’s rightfully yours – consistently

      3. Provide omnipresent protection

      4. Give your cloud a silver lining

      5. Don’t let just anyone, unlock your secrets

      6. Keep an eye on your flock

      7. Control at the data level, for protection everywhere

      8. Develop the ability to revoke access to the data anytime

      9. Manage just the data that matters

      10. Make threat protection personal

      If you want to find out more, watch my recent webinarHERE, where Heidi Shei (Forrester Research) discussed a number of data protection challenges and I demonstrated Symantec’s Information Centric Security approach.