The keynote given by Symantec’s CEO Enrique Salem this past Tuesday and the series of presentations that followed exposed every attendee at Symantec Vision 2012 to just how dangerous today’s internet world really has become. Yet the larger threat that every business faces is not putting in place a solution to address them. Rather it is the danger that dealing with these threats will cause organizations to take their eyes off of the ball and fail to focus on where their business needs to go next.
Every business realizes it needs to protect its data from loss, keep its production applications highly available and secure its perimeter from attack or theft. The challenges each business faces as it seeks to deliver on these objectives are:
- What is the appropriate amount of data protection to put in place?
- How available do their applications need to be? (three 9’s, four 9’s or five?)
- What is the right level of security to put on the perimeter to keep the bad guys out while keeping our good data in?
If you were in attendance at Symantec Vision 2012 this week and heard some of the stats they had to share, you begin to realize just how difficult it is to achieve that balance. The paranoid among us might even think it is time for everyone to batten down the hatches, go into their bomb shelters and expect the apocalypse to strike at any moment.
Clearly that last statement is a bit melodramatic but there is an element of truth to it as I got a sense of what Symantec sees every day in terms of the number of attacks that it has to help businesses defend against. Here is just some of what Symantec had to share regarding what it sees in the security space:
- The number of threats increased 81% in 2011 over 2010.
- 1 million new pieces of malware are now written every single day.
- Cybercrime attackers made over $100 billion in 2011 and may have cost businesses between 3 and 4 times that much.
- It used to take a few minutes to discover a piece of malware. Now it may take months to detect it.
- Malware can now kill power grids, open dams and sabotage nuclear reactors.
- Threats are becoming more targeted towards individuals and the intellectual property they possess.
- 97% of security events are now false positives as attackers look to get in and get out undetected making it difficult for a business to know it has been compromised.
Yet potentially the biggest threat that companies face is becoming so consumed with reacting to these threats that they fail to create and then execute on more strategic initiatives that keep their company moving forward.
To Symantec’s credit, it realized that it is not immune from this same problem so back in 2010 it tried to envision what the world was going to look like in a few years. Frankly, it did a remarkably good job of constructing that vision. The most poignant part of Salem’s keynote was when he shared how Symantec in May 2010 documented how it thought the world might look in 2012.
- A transformed data center where tasks once only done inside the data center could be done anywhere
- People would use multi-purpose devices with both local and cloud storage
- People would move from one device to another without waiting for data to be moved
In other words, Symantec was envisioning the world of bring your own device (BYOD) to work that was a major theme of InterOp, another conference going on essentially across the street from Symantec Vision 2012. It was as he shared these thoughts that he also put on the big screen behind him a picture that closely resembled the tablet. This was the vision Symantec had developed in 2010.
However what was most impressive and is a credit to Symantec, it did more than just put a picture on a drawing board two years ago and then forgot about it. It treated that vision seriously and acted on it. As Salem said, “This is the year Symantec’s vision becomes a reality.“
Based on what I saw at Symantec Vision 2012, companies can learn a lot from Symantec. Yes, they can turn to Symantec to get data protection software, high availability software and security software to meet just about any level of need they may have from low to moderate to the most extreme.
Yet my primary takeaway out of Symantec Vision 2012 was that the real threat that today’s barrage of attacks against businesses present was how they can distract organizations from focusing on the business. Nothing is more distracting than when the information that you need to run your business on a day-to-day basis is suddenly not available and, in worst case scenarios, may actually be in the hands of someone else that may now use it against you or to even use it put you out of business.