The RSA Conference keynote by Francis deSouza ends with a listing of actions to implement for the security industry to advance in the right direction.So, what’s the answer? As we look forward, one part of the answer is absolutely making sure that organizations, that individuals, that countries have all the right technologies they need to protect themselves in every part that they need.
Now, as every new surface area opens up, whether it was smartphones or the Internet of things, it’s important to realize the old surface areas don’t go away. There have been all these discussions around: the perimeter is dead, you don’t need firewalls; or the new perimeter is great; or endpoint security is dead. The reality is these things don’t go away. Every new thing has been incremental.
And so, first step: have all the right protections in all the right places, but drive the integration. That’s sort of the big thing we need to do here.
The second step that we need to do is actually bring in the big intelligence. And big intelligence isn’t only a problem at the perimeter, or a problem at the endpoint. The truth is every single security product in your environment needs to have those three types of intelligence: what’s happening out there, what are the important assets in our environment, and what’s normal behavior for us.
There’s a lot of discussion right now and a lot of exciting work done, for example, around next generation firewalls. We love that space, and this talks around when we’ve moved from protocols and ports to talking about applications. And that’s absolutely a step in the right direction. The next step is to be content aware; understand what is the content actually going through your firewall, and that’s true whether you’re in the perimeter or at the endpoint, or even hosting your data in the cloud.So, next big ask, I think, of us as an industry, is really have that big intelligence across the environment. And then third, increasingly companies will look to security partners to deliver human expertise.
Part of it is driven just by simple supply and demand. The Bureau of Labor statistics said recently that the unemployment rate in IT security is 0%, and there was a recent study from Comp TIA that actually said that if you add it all up, the computer security segment in companies is actually under-resourced by about 30%.
So the reality is we’re either at 0% unemployment or there’s a deficit, and what that means is that companies are going to look to security partners to give them that security intelligence. Fewer said it’s the bigger security partners that can give them that security intelligence to help them with their environment, and they’ll want to consume it as a service, being able to draw down that expertise more when they feel like they are facing an attack, or they’ve just gone through an attack and are thinking about how to remediate their environment.
So, that’s how we think about security going forward. Now, a lot of you know that at Symantec we’ve actually gone though a deep review over the last few months and announced the next generation of our strategy at the end of January. A lot of the thinking that I’ve shared with you today has been pretty foundational for us. And so, what can you expect from us?
1. You can expect accelerated innovation with a focus on driving big intelligence across our entire portfolio.
2. You can expect newer, bigger offerings that are pre-integrated, so that we can take the cost out of integration away from our customers and deliver that internally ourselves.
3. A deeper focus on partnerships, both in the public and in the private sector, and even partnerships with other security companies. We’ll deliver better protection for our customers. Most of all, though, you can count on us for a renewed commitment and deep passion for giving the advantage back to the good guys. Thank you very much!