Sie sind auf Seite 1von 10

WHITE PAPER:

CYBER RESILIENCE: INTELLIGENT SECURITY


.FOR
. . . .TODAYS
. . . . . . . CONNECTED
. . . . . . . . . . . .ENTERPRISE
................

Cyber Resilience: Intelligent Security for


Todays Connected Enterprise
Who should read this paper
This paper is for business leaders who face the challenge of protecting
their enterprise in todays increasingly complex and dangerous threat
environment. Traditional security measures are not up to the task.
Worse, their rigid enforcement can slow innovation and agility within the
organization. Thats why Symantec supports a security policy based on
cyber resilience. A strategy built on resilience increases visibility into
cyber attacks, anticipates them, and mitigates their impact, without
impeding necessary business functions. But it requires a security leader
with extensive experience, solutions, and expertise. Symantec possesses
all of these assets, along with the infrastructure needed to support a
comprehensive cyber-resilient security strategy. This paper
demonstrates why Symantec is your ideal partner in developing a cyberresilient security strategy.

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


Content
Security is Hard in an Open Workplace. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
The Solution is Cyber Resilience . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1
Symantec Has Industry-Leading Security Intelligence . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
Symantec Has a Plan for Your Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Symantec Security is Always On, Everywhere . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
Symantec Offers Key Benefits for Your Business. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


Security is Hard in an Open Workplace
To keep pace in todays competitive world, organizations are embracing more open and connected ways of doing business. They rely
increasingly on virtualization, social media, extranets, the cloud, and the Internet of Things. Many allow employees to use their personal
devices for work. All these connections make an enterprise more agile and competitive. But they also open the door to a dizzying array of new
security threats. Indeed, by 2020 more than 50 billion things will be connected to the Internetand thats 50 billion more security concerns.
Many organizations take on this challenge with the traditional weapons of defense. But these are not up to the challenge. The old
waycontinually throwing personnel and point products at the problemis no longer effective. No company can simultaneously analyze
alerts, track vulnerabilities, implement security policies across systems, and effectively assess volumes of threat data in real time. No
company can achieve a culture of speed and innovation when every process is bogged down by arduous and inflexible security protocols.
In our constantly more complex corporate landscape, security success means intelligence, vigilance, and rapid reaction. It does not mean an
ever-higher brick wall. There is no brute-force strategy effective against increasingly varied, speedy, and sophisticated attacks. Enterprises
must admit that breaches will happen in spite of an organizations best efforts and acknowledge that, even if it is safe today, there will
certainly be a new, more virulent threat tomorrow. The answer is a layered security approach that is flexible, scalable, and threat-focused,
that gives visibility across the attack spectrum and defends the enterprise before, during, and after an attack.

The Solution is Cyber Resilience


To minimize the damage of attacks in todays threat landscape, organizations must fundamentally change the way they think about security.
They must understand that eliminating risk entirely is not possible. And they must admit that a stubborn insistence on trying to do so will
slow agility and innovation, and will blunt their competitive edge. Instead, organizations should focus on cyber resilience.
Cyber resilience is a smart approach to security. It recognizes that workers will make mistakes. It acknowledges that cybercriminals, armed
with increasingly sophisticated methods and spurred by increasingly lucrative rewards, will find cracks in even the most advanced security
systems. It realizes that todays attacks are less frequently one-off attempts than they are sustained campaigns. It knows that the best
defense is to anticipate breaches, identify them as soon as they happen, and fix them quickly. It monitors vital business assets and uses
security intelligence to guide actions and support agility. Its not a defensive stance focused on malware but a realistic strategy of resilience.
So where do you find a vendor with the ability to implement an effective plan of cyber resilience? Look to a vendor with years of security
experience, the most advanced security architecture, and industry-leading solutions and resources of security intelligence.
Look to Symantec.
We have the solutions you need to implement the layered security necessary for a cyber-resilient enterprise, from securing the data center
and server-to-server communications to the organizations endpoints and gateways, remote access, mobile devices, and the cloud. Our
solutions help you discover, track, and protect data and users. And our managed security service offerings provide monitoring and big data
analysis.
We gather malicious code intelligence from more than 130 million client, server, and gateway systems that have deployed our protection
products. Our distributed honeypot network collects data from around the globe, capturing previously unseen threats and attacks and
providing valuable insight into attacker methods.

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


We have thousands of experts worldwide and a cutting-edge approach to security built on decades of experience. We have five PCI-certified
Security Operations Centers around the globe staffed with top-flight security professionals. We have the scale to protect information
wherever its stored or accessed. And we have the capacity to respond to attacks immediately.
Symantec Global Intelligence Network maintains worldwide visibility into the threat landscape via 65 million attack sensors that constantly
monitor networks and vulnerabilities. It gathers data from one of the worlds most extensive antifraud communities of enterprises and
security vendors. It checks more than 1.4 billion web requests and 8 billion emails a day.
We possess the back-end architecture required to support your big data needs, collecting 10 trillion security logs per year from more than
100 discreet technologies. We provide hosted services, including authentication services that utilize a tier-4 military-grade data center,
handling more than 3 billion validations per day and issuing nearly 300 million certificates into device ecosystems. And, just as important, we
provide the reliability and scalability to guarantee that its all there when you need it.
Our assets give our analysts unparalleled sources of data with which to identify, analyze, and provide informed commentary on emerging
trends in attacks, malicious code activity, phishing, and spam. And they give your security teams the access to find and analyze the
intelligence that matters to you, to quickly return actionable data that you can use to continually refine your systems and protect your
organization better today than yesterday.

Symantec Has Industry-Leading Security Intelligence


Information is the currency of modern business. And securing the masses of information collected by todays enterprise is a big job. But were
up to the challenge.
We have 20,000 employees, 1,000 of them security analysts and researchers, placed in 50 different countries. In fact, were the fourth
largest software company in the world, protecting 99 percent of the organizations in the Fortune 500. We operate one of the largest civilian
cyber intelligence threat network anywhere, giving us unique insight to what attackers will try next.
We protect more than 1 billion systems. We secure 8.4 billion email messages a month and 13 billion web requests a day. We monitor
reputation for more than 4 trillion files and applications, a number that grows by 20,000 per second. We track 3.7 trillion threat indicators
annually across the Internet and continuously collect new telemetry from hundreds of millions of mobile devices, endpoints, and servers
around the globe, coverage thats unrivaled in the industry.
But effective security is not just a numbers game. It demands the ability to create threat intelligence and give context to incidentsthe
context of motivation and intent. Symantec DeepSight Security Intelligence does that. It delivers timely and relevant threat, vulnerability,
and reputation intelligence, enabling you to adjust your security posture to fit the shifting threat landscape. And because its a single data
source focused only on relevant threats and issues, it enables your IT staff to respond effectively while freeing up time for other tasks.
Our vast array of security data, combined with more than 30 years of experience analyzing it, enables us to provide unmatched intelligence
and protection. But we dont only offer threat intelligence; were constantly pioneering new solutions in fast-developing fields such as mobile,
cloud, appliances, backup, data loss prevention, and authentication. By pooling the intelligence collected via the solutions in your internal
environment with our external threat intelligence, we give you a 360-degree view of your threat landscape.

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


Symantec Has a Plan for Your Security
We have the experience, resources, products, and services that every organization needs to create a solution for its unique security concerns.
We dont provide a patchwork of point products; we offer comprehensive solutions.
At floor level, we give your organization an integrated vision to help assess your existing security posture and educate your employees so they
are security conscious every day. We give you easy ways to track data, so when individuals do make mistakes, your security net will catch
them.
Facing outward, we have a variety of technologies embedded in our products that are designed to detect threats accurately and quickly. We
also have several service offerings that enable a variety of capabilities, from security monitoring and prioritization to advanced threat
protection and incident response.
Of course, managed services are not right for all organizations. But for those that are large or operating in industries where strong security is
vital, Symantec Managed Security Services makes good sense. And as the volume and variety of big data grows at organizations of all sizes,
we see a growing number of smaller companies looking to our managed security services offerings.
A primary reason for our managed services offerings being so attractive is that they help organizations better prepare, by giving them the
ability to become more proactive with their security. For example, one client faced ongoing attacks by hacktivists breaking into its system
for politically or socially motivated purposes and was concerned that an upcoming virtual event with high visibility might be disrupted. The
client needed an assessment of the potential for disruption in order to take proactive measures. Our analyst team researched online sources
to pick up chatter and identify threats to the client and assessed the capabilities and indicators associated with the perpetrators. The team
then delivered to the client its assessment, along with supporting data and risk projection.
In another instance, our motivation-and-intent predictive analysis identified a new campaign planned by hacktivists against a customer
operating in an industry thats the target of various groups. We notified the customer before the attack, enabling protective measures to be
put in place. If there had been a more general threat, all members of the managed services community would have been alerted. One of the
true benefits of being part of such a community is the ability of all members to take advantage of the collective knowledge and shared
intelligence of the group.

Symantec Security is Always On, Everywhere


Few organizations, no matter their size, have the combination of leading-edge technology, experienced personnel, proven processes, and
continuous threat intelligence needed to guarantee effective security, not to mention the infrastructure necessary to guarantee secure data.
Organizations that do choose to tackle security in-house with a host of patchwork products or that try to build their own big data solutions
invariably find themselves struggling to identify real threats in the flood of alerts and quickly respond. They face the following barriers to
achieving and maintaining effective security programs:
Growing volatility and sophistication of threats
Expense of keeping up with the latest security solutions and attack trends
Need to find, hire, and retain security staff (just 17 percent of large organizations believe they have the right level of security skills to
adequately address malware detection, response, and analysis requirements)
No easy way to leverage the expertise of other companies, meaning targeted attacks can go undiscovered for months or longer
Vast amounts of hard-to-manage data generated by security products

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


Symantec offers integrated solutions for an enhanced level of protection and service offerings with 24-hours-a-day, 7-days-a-week vigilance,
resulting in a strengthened security posture and a reduction in the risk of cyber threat.
We also ensure our operations and data centers adhere to the strictest security processes and standards. In addition to Symantecs own
extensive information security policies and practices, we are regularly audited by independent third parties such as top global audit firm
PwC, which conducts a stringent independent audit of our data protection and security arrangements on an annual basis. We maintain the
following certifications: SOC2, WebTrust, FIPS, and ISO 27001. We also support key privacy regulations and standards such as the Patriot Act.
We make all reports and requests available to our customers.

Symantec Offers Key Benefits for Your Business


Symantec helps you prepare, protect, detect, respond, and recover. We help you build a comprehensive security strategy across your
organization, including education and incident-response services. And we provide solutions to meet all your needs, such as security at the
endpoints, data center, and gatewaysolutions to secure your remote access and internal communications, data feeds for visibility,
managed services to correlate all your security intelligence, and solutions that make sure you can recover your valuable data if an attack does
occur.
Symantec partners with you so you can refocus the efforts of your security team:
Our industry-wide partnerships allow us to craft solutions that work together with your existing infrastructure to collect and identify
attacks more quickly.
Our solutions are designed with built-in intelligence to reduce the burden on your IT organization so it can focus on more strategic
initiatives.
Our capacity and capabilities allow you to outsource your security to us if you choose, so you can leverage our huge economies of scale.
Whats more, we carry the burden of technology developments. If new capabilities are required, we make it happen.
Our economies of scale not only make security more economical but also bring significant enhancements in detection because we have
visibility across our entire customer base.
We possess the human expertise that allows our team of analysts to inform our customers about emerging threats.
All members of our community can leverage the communitys collective wisdom to better defend themselves. With Symantec, no
organization is an island. When a threat is discovered, every member benefits because we notify not only the target (if there is one target)
but the entire community.
We combine real-time threat, vulnerability, and reputation information so that organizations can develop an effective decision-making and
response posture to thrive in the increasingly hostile threat landscape. We identify attacks, even the most complex and targeted attacks,
in minutes or hours rather than months or years. And when incidents happen, we help you recover quickly.
In short, we free your IT staff from the jobs of integration, threat monitoring, and vulnerability researchand, in so doing, we increase
productivity.

Conclusion
Organizations today are embracing more open, more connected ways of doing business. Indeed, this approach is now essential for
enterprises that seek to be innovative and competitive. But an open, connected workplace is also open to new and sophisticated security
threatsand the old tools of defense are not up to the challenge. Theyre too slow and inflexible, they sap personnel and resources, and they
inhibit the agility and innovation that enterprises are seeking to attain.

Cyber Resilience: Intelligent Security for Todays Connected Enterprise


The Symantec strategy for cyber resilience is a more intelligent approach to the increasingly complex and sophisticated threat landscape.
Cyber resilience emphasizes the managementnot eliminationof risk. It recognizes that security needs to go beyond systems, software,
and IT departments, arming people with the ability to recognize risks, build the necessary processes, leverage the collective intelligence of
others, and take preventive or corrective action.
Our extensive security portfolio helps you create a layered approach to security so you can identify internal threats, stay informed of the
external security issues that threaten your organization, and take action against them quickly and comprehensively. And our security
portfolio is backed up by our industry-leading experience, global security architecture, and unrivaled security intelligenceeverything you
need to be cyber-resilient.

Cyber Resilience: Intelligent Security for Todays Connected Enterprise

About Symantec
Symantec Corporation (NASDAQ: SYMC) is an
information protection expert that helps people,
businesses, and governments seeking the freedom
to unlock the opportunities technology
bringsanytime, anywhere. Founded in April 1982,
Symantec, a Fortune 500 company operating one of
the largest global data intelligence networks, has
provided leading security, backup, and availability
solutions for where vital information is stored,
accessed, and shared. The company's more than
20,000 employees reside in more than 50
countries. Ninety-nine percent of Fortune 500
companies are Symantec customers. In fiscal 2014,
it recorded revenue of $6.7 billion. To learn more go
to www.symantec.com or connect with Symantec
at: go.symantec.com/socialmedia.

For specific country offices

Symantec World Headquarters

and contact numbers, please

350 Ellis St.

visit our website.

Mountain View, CA 94043 USA


+1 (650) 527 8000
1 (800) 721 3934
www.symantec.com

Copyright 2014 Symantec Corporation. All rights


reserved. Symantec, the Symantec Logo, and the
Checkmark Logo are trademarks or registered
trademarks of Symantec Corporation or its affiliates in
the U.S. and other countries. Other names may be
trademarks of their respective owners.
11/2014 21341777

Das könnte Ihnen auch gefallen