Vishal Dhupar, MD, Symantec India cracks all queries concerning the emerging Web threats, importance of endpoint security and Symantec’s Security 2.0 vision.

Can you comment on Symantec's stand on emerging Web threats?

The current Internet threat environment is characterised by an increase in data theft, data leakage, and the creation of targeted, malicious code for the purpose of stealing confidential information that can be used for financial gain. Cyber criminals continue to refine their attack methods in an attempt to remain undetected and to create global, cooperative networks to support the ongoing growth of criminal activity.

Symantec tracked the trade of stolen confidential information and captured data frequently sold on underground economy servers. Servers are often used by hackers and criminal organisations to sell stolen information, including social security numbers, credit cards, personal identification numbers (PINs) and e-mail address lists. Symantec observed high levels of coordinated attacks combining spam, malicious code, and online fraud. Spam originating in India accounted for 1% of all spam originating in the top 25 spam-producing countries making India the eighteenth ranked country worldwide for originating spam.

What are the top threats as far as enterprise security is concerned?

In the latest Internet Security Threat Report released by Symantec, these are some of the threats documented as far as enterprise security is concerned. The current threat environment is characterised by an increase in data theft, data leakage and the creation of malicious code that targets specific organisations. There is an increased inter-operability between diverse threats and blended threats. There is a high level of malicious activity across the Internet with increases in bot networks, phishing, spam and Trojans.

Why is endpoint security so important? What are the latest trends in endpoint security?

Managing the dynamics of the endpoint infrastructure is a challenging task and organisations now face a threat landscape that involves stealthy, targeted and financially motivated attacks that exploit vulnerabilities in endpoint devices. According to the Internet Security Threat report Volume XI [released on May 24, 2007], level of attacks are getting modular, sophisticated and aimed at financial gain. There are clear signs of online underground economy for fraud and India has become a participant in the fraud food chain. There is increasing evidence of data leakage and financial driven crimes and old threats persist, as newer threats continue to emerge.

Traditionally, administrators have made sure that each endpoint has antivirus, antispyware, desktop firewall, intrusion prevention, and device control technologies installed on it. But deploying these security products individually on each endpoint is not only time-consuming, it also increases IT complexity and costs. Organisations now need to provide management, training, and support for a variety of different endpoint security solutions.

How does Symantec's Endpoint Protection solution tackle emerging threat issues?

Symantec’s endpoint security is going to tackle threat issues through an integrated approach. Antivirus, antispyware and other signature-based protection measures, which are primarily reactive, may have been sufficient to protect an organisation’s vital resources a few years ago, but not today. Organisations now need proactive endpoint security measures that can protect against zero-day attacks and unknown threats. They need to take a structured approach to endpoint security, implementing a solution that not only protects them from threats on all levels, but also provides interoperability, seamless implementation, and centralised management. This approach calls for consolidating endpoint protection technologies in a single, integrated agent that can be administered from a central management console.

Can you elaborate on Symantec's Security 2.0 vision?

Security 2.0 is not a new service or application. It is an integration of software, services, and partnerships that protect our most important asset information and interactions. Security 2.0 has evolved in response to a dramatically shifting threat landscape. Protecting the information and securing interactions takes more than bolted-on security. It takes integrated products and services that provide a holistic view into an organisation’s security posture. It also takes solutions that identify risks early so that steps can be taken to mitigate them and prevent an attack. And it entails enabling customers to manage their security events no matter what products they may already have installed. Security 2.0, which integrates software, services, and partnerships, represents Symantec’s vision for building confidence in today’s connected world. Its goal: the comprehensive protection of business interactions, critical information, and IT infrastructure.