Symantec CEO preaches new security model

SAN FRANCISCO -- With the job of protecting enterprise information becoming harder every day, Symantec Corp. President...

and CEO Enrique Salem said organizations must shift from a fragmented approach to security to a model that automates many tasks and improves security responsiveness.

"The current security model isn't working. It's time for us to change the way we approach security," Salem said in a keynote Tuesday at the 2009 RSA Conference. The answer, he said, is to "operationalize security."

RSA Conference 2009 For all the latest news, podcasts and more direct from the show floor in San Francisco, visit our RSA Conference 2009 special news coverage page.

Attackers, Salem said, are shifting from mass distribution to micro distribution of targeted attacks designed to steal confidential information. Combined with the onslaught of malware, organizations are at risk of employees misusing or abusing sensitive data, and workers are increasing that risk by bringing their own computer devices into the office.

Salem said organizations often take a piece-meal approach to security: point products, fragmented email, backup and server security policies, and siloed desktop, security and storage operations. The result, he said, is that companies end up with a lot of manual processes and a poor view of their security postures.

"If we're going to improve security, we need to make a bridge between security, storage and systems management," Salem said. That way, repetitive tasks can be automated and an organization can have a better view of its security across its entire environment, he added. He described the model as "risk-based, information-centric, responsive and workflow-driven."

For example, he said if an organization has a policy that customer credit card information can't be stored on a USB device and uses a data loss protection (DLP) tool that is content aware, the tool could trigger an alert of a policy violation, which would set a workflow process into motion and subsequently notify the appropriate personnel.

SearchSecurity.com: To get security news and tips delivered to your inbox, click here to sign up for our free newsletter.

"You're in control," he told the audience. "You decide what risks you're willing to take."

In a Q&A with reporters after his keynote, Salem said Symantec integrated the reputation-based security technology into its consumer products and will also integrate it into its enterprise endpoint protection product portfolio.

Portions of Salem's keynote hit home with RSA Conference attendee Tom McGinley, technical security manager at a healthcare organization.

"He had some interesting points about silos of security," McGinley said. "Part of what I have to do is bring silos together. I'm always looking for something to help me with that."

Too many point products -- antivirus, antispyware, antispam -- make managing security difficult, McGinley said, but some vendors are coming out with technologies that help.