It's official: The problem of worms and viruses is "solved"--at least according to Symantec chairman and CEO John Thompson. The more relevant security threats today are phishing and fraud, as well as organized crime's interest in stealing and reselling personal information, Thompson says. Not that Symantec will stop cashing checks made out to it for antivirus software. But the company's "Security 2.0" strategy, detailed for the first time last week, tackles broader threats beyond its popular Norton PC security line, including database, E-mail, and identity-theft protection.
Worms "solved," Symantec chairman and CEO John Thompson says; now, about Microsoft ...
As part of Security 2.0, Symantec will partner with security services company VeriSign and IT services firm Accenture. Symantec plans to integrate its Norton Accounts software with VeriSign's Identity Protection Authentication Service, which will let Symantec customers use one-time passwords when conducting online transactions. Symantec's relationship with Accenture will augment the security vendor's 1,000-person global services operation and let it help customers mitigate compliance risks, manage security operations, and build more secure applications. Symantec hopes security services account for 10% of its business by 2010.
Symantec plans additional Security 2.0 products and services that will let companies index not just structured data, but also unstructured content in instant messages, E-mails, and files, helping companies comply with regulations and cooperate with investigations.
Customers like Symantec's new direction and agree that E-mail worms and viruses are largely under control. "IM is becoming the new threat vector," says Seth Shestack, chief information security officer for Temple University. "Telling students they can't have access to IM is like telling a bank they can't use money."
Rivals aren't sitting still. McAfee is attempting a strategic expansion similar to Symantec's, but mainly through acquisitions. By the end of this month, McAfee will tie acquired compliance-auditing and anti-malware software into its security management suite, ePolicy Orchestrator, and next year will add vulnerability management, policy compliance, and data protection. Also, Microsoft is stepping up as a security player. Microsoft has its own antivirus software called Windows OneCare, and Vista, the upcoming version of Windows, will incorporate Windows Defender for protection against spyware.
But Microsoft's strategy focuses largely on operational aspects of security, says John Kirkwood, global information security officer for Royal Ahold, an international supermarket operator. And Kirkwood likes Symantec's new approach: "I expect the companies I deal with to change and grow into new spaces over time."
Symantec's Thompson may think the antivirus software market won't grow, but companies will be buying antivirus protection for the foreseeable future, and Microsoft and others want their piece. Security 2.0 holds potential for companies facing emerging security threats, and for Symantec looking to expand beyond its desktop domain.