With $5 billion in global revenue, Symantec is the 500 pound yellow gorilla in the cybersecurity business. Some dimensions on the beast: installed at every Federal cabinet-level agency; supports 350,000 customers; tracks 700,000 hackers; and leverages more than nine trillion elements of security data. Now, that’s a big monkey.
A little history–established in 1982, Symantec mostly invented the cybersecurity space. The company’s made more than 80 acquisitions over the years. It’s been more than a year since Symantec announced its $4.6 billion Blue Coat acquisition to round out its web and cloud security offerings. In the interim, big yellow’s been shopping some more, buying FireGlass to combat ransomware, malware, and phishing and Skycure to protect mobility. Today, Cyber Kong’s flexing its innovation DNA as well as its financial muscle to transform Federal cybersecurity.
Simplicity is Beautiful:
I sat down with Chris Townsend, Federal vice president at Symantec, last week, and he focused on making cybersecurity simpler–yes, that’s standardization and automation. “Today’s cybersecurity landscape is littered with shiny objects–terrific new products that address a specific emerging need, but introduce ever more complexity and confusion for agencies to manage,” said Townsend, as he sipped on a cup of joe. Townsend’s certainly not new to cyber, having earned his stripes at Cisco, StoneSoft, McAfee, and, most recently, Blue Coat.
Townsend and Symantec corporate are betting big on their ability to bring sanity to the complexity–providing common cybersecurity standards that will lay “standard-gauge tracks” for the coming cybersecurity “Automation and AI Express” train.
“FITARA, Cyber EO, and MGT modernization initiatives present a golden opportunity for Feds to simplify IT, rethink cyber, and build a standardized architecture,” said Townsend. “This is a great time for agencies to take a step back and build cyber plans that tie to their mission and risk mitigation strategies. As they evaluate existing investments and identify overlap/redundancy, agencies can generate savings for reinvestment. It’s time to look at common services vs. building everything in silos. And, we need to roll out automation–and AI–to improve threat identification and mitigation.”
“We brought Symantec and BlueCoat together to create one best in class ‘integrated cyber defense’ solution set,” said Townsend. “With Symantec’s core strength in identity management, data loss prevention, and end-point protection coupled with Blue Coat’s capabilities in web and cloud security, we now have the broadest, integrated solution set in the industry.”
“Sure, we’d love it if agencies want to standardize on Symantec end-to-end, but that’s not typically realistic or sometimes even feasible,” he continued. “But, our solutions are built on a standards-based integration framework and can easily work with other solutions on the market.”
Talking to AI, Townsend stressed his company’s investment appetite. “We’ve committed $10 billion in R&D, and we have more than 20 PhDs working on machine learning architectures, algorithms, and applications at our Center for Advanced Machine Learning. Our threat intelligence and AI assets allow us to detect 3.2 million threats every day.”
“We’ve got a whole new line up of offerings on the way, like our recently announced cloud generation endpoint–it’s the first to combine deception technology, mobile defense, and Endpoint Detection and Response (EDR) in a single agent,” he enthused. “Deception technology deceives hackers into believing they have successfully breached an organization, when in reality, they have actually been moved to a false environment where they are served up fake assets and information while the security team works to neutralize the attack.”
The Cloud Thing:
No surprise, Townsend sees cloud as the future. And, Symantec’s doing more than talking cloud.
“We just got one offering in process for FedRAMP certification–our Email Security Service–and will have three more in process by the end of the calendar year–our Web Security Service (WSS), Cloud Access Security Broker (CASB), and Data Loss Prevention (DLP) offerings,” said Townsend. “We plan to certify a total of seven offerings. We also work closely with AWS and we’ve moved all back office systems at Symantec Corporate to Microsoft Azure.”
But, he does observe that the shift to the cloud is happening a lot more quickly in the commercial market–and he recognizes that cybersecurity anxiety is putting the brakes on the transition. Townsend sees this concern as an opportunity. “CDM’s doing a great job resetting the rules for Federal cyber–it’s playing a key role in making things simpler and accelerating the move to the cloud,” he observed. “You can fully expect Symantec to play a bigger role in this program moving forward. CDM, DISA’s endpoint tech for HBSS follow on, these are critical targets for our growth.”
“We’re witnessing today’s TIC strain against agencies’ move to cloud,” said Townsend. “OMB needs to overhaul the current TIC architecture–it’s tough to make this work with disparate systems, and we don’t want TIC to thwart the economies and agility promised by the cloud. We’re currently in a lot of TIC stacks and in three of the four MTIPs stacks–so we’re ideally positioned to help the government evolve the program forward.”
Cyber Block Party:
Demonstrating Symantec’s commitment to bring the cyber market together, stimulate dialogue, and drive the pace of cyber’s tomorrow, Townsend focused the spotlight on the Dec. 5th Symantec Government Symposium. MeriTalk’s sister organization works with Symantec to host this conference.
“The Symposium is focused on the major issues we’re facing today–from cyber sabotage and insider threats to IT modernization and everything-as-a-service,” said Townsend. “The program will feature speakers from Commerce, GAO, ODNI, the National Security Council, and many more–all the heavy cyber hitters. We’re really looking forward to it.” Townsend and Symantec aren’t monkeying around.