Symantec Corp. has released results from its latest Internet Security Threat Report (ISTR), which found most malicious activity to be Web-based and primarily occurring in the government and education sectors.
Michael Murphy, vice-president and general manager of Symantec Canada, said today’s attackers are using Web sites, Web applications and Web content as conduits in which to obtain end-user identities and confidential information.
“What’s causing the problem today is the widespread nature of the Web,” Murphy said. “Attackers are playing on the whole trust avenue and are using social networking sites to exploit end users. End users are always going to be the weakest link and attackers are leveraging that to capture their data, even if it’s in piece-parts.”
What’s driving attackers is still financial gain, said Murphy. Any infrastructure where critical information is being stored is a key target for malware and attacks, and the government and education sectors remain hot targets.
“The government is more of a target than any other area,” Murphy notes, “because that’s where the most valuable information about individuals is being stored.”
In the education space, Murphy said most data breaches and identity loss threats occur as a result of hardware and device threat or loss.
For Symantec channel partners, Murphy said working in these market segments will help partners make more money as they continue to raise awareness and, in turn, increase their overall sales opportunities.
“Data is falling into the wrong hands and encryption is critical, so if the data is lost or compromised at least it can’t be used,” Murphy said. “Data must be encrypted where appropriate and managed to bulk up security. Where the channel can play in this space is in adding to their portfolio a consulting and information practice where they’re also selling services and solutions around data loss prevention (DLP).”
Where partners can see the most financial benefits, he continues, is by also adding on services along with security products.
“In Canada, for every dollar of a product a partner sells, they can see about $3 to $4 more of services on top,” he said.
Paul Edwards, director of SMB and channel strategies at IDC Canada, said along with the consumer play, partners can also address security on the business side of things.
“There’s an ongoing opportunity for partners around security in the SMB and enterprise space, and particularly in the financial sector,” Edwards said. “Partners need to develop a strategy to talk to clients about the different levels of threats and different products that are available to up-sell and cross sell to end-users.”
Looking ahead, Murphy said there’s a trend towards whitelisting, which is a list of everything that’s good. He explains the contrary, blacklisting, works by preventing anything that’s malicious or thought to be of that nature, from making it past the list. This, he said, is how most security technologies function today.
“I think the industry needs to move to more of a whitelist approach,” Murphy said, “where only trusted e-mail addresses and hosted names are on the list. Because there are over a million malicious code threats now, it would be hard to add all of them onto a blacklist. But when it comes down to it, I think you still need a combination of both a whitelist and blacklist in order to stay ahead. Because today, no security is okay without continual care and feeding.”