Symantec CEO Argues Against Piecemeal Security

SAN FRANCISCO — Symantec’s new CEO put it plainly in his keynote at the RSA
Conference yesterday morning: The current security model isn’t working.

“It’s time for us to change how we approach security. It’s time to change the game,”
Enrique Salem told hundreds of attendees in one of his first major speaking appearances
assuming the top spot at Symantec
last year.

Urging security managers to “operationalize” their efforts, he urged the creation of
“a bridge between day-to-day operations and security departments” to create shared plans
and goals.

“We know that the most effective programs are those that bring together security,
storage, and systems management to automate the repetitive tasks that consume most of
your time,” he noted. “When you bring together these areas, it’s possible to be more
proactive and policy-driven.”

Security remains a struggle after all this time, he said, in large part because
administrators still perform manual analysis of threats against their systems within
carefully partitioned silos. One team configures laptops, another looks after the
datacenters, an operations team keeps an eye on routine tasks and an entirely separate
security team does vulnerability testing.

As a result, security is done piecemeal. Stand-alone products at various points within
the system hamper policy coordination, making automation of many processes nearly
impossible. Lower-level administrators end up creating de facto policy day-by-day based
on how they configure e-mail, backup and server security.

Instead of such seat-of-the-pants security planning, Salem proposes a new approach
that’s “risk-based, information-centric, responsive, and workflow-driven.” has the rest of the story on Salem’s proposal.

Latest Articles

Follow Us On Social Media

Explore More