In The Boardroom Press Room About Us Research Reports Contact Us

In the Boardroom With...
Mr. Enrique T. Salem
Senior Vice President Security Products and Solutions
Symantec (NYSE: SYMC) Thanks for joining us today, Enrique. Please give our audience an overview of your background and your role at Symantec.

Enrique Salem: As the senior vice president of Security Products and Solutions at Symantec, I lead the overall enterprise and consumer security business strategy, guiding the team in identifying and developing Symantec's industry-leading security solutions. Prior to that, I was president and CEO of Brightmail, the leading anti-spam software that was successfully acquired by Symantec in 2004 and is now a key technology offered in Symantec’s Messaging and Web Security solutions. We can’t argue with this premise from Symantec’s profile: “Information is the currency of today's global economy. Individuals and enterprises rely on the global distribution and storage of information to govern nations, conduct business transactions, and make personal decisions.” Without divulging any confidential or sensitive information, is there a recent Symantec project with Homeland Security or in the U.S. Government sector that you can tell us about?

Enrique Salem: Very recently, through its Science and Technology Directorate, the U.S. Department of Homeland Security granted $1.24 million in funding to Symantec, Stanford University and Coverity, to be paid out over a three-year period. Symantec is receiving $100,000 of those funds to provide security intelligence, as well as test the source code analysis tool in our proprietary software environment, to help Stanford and Coverity target their research and development to best help commercial software developers.

In addition, Symantec has teamed with Komoku Inc., a small start-up founded by University of Maryland computer science professor Bill Arbaugh, for a project funded by the Homeland Security Advanced Research Projects Agency to develop a tool that finds and eliminates rootkits. A rootkit buries itself in the operating system, modifying the kernel to hide its presence and protect itself in order to keep the infected PC vulnerable to the attacker. Once a rootkit is detected, cleaning up an infected computer remains difficult. It has to be shut down and reformatted or restored from a back-up disk. Symantec is going to help automate the process by incorporating our Symantec LiveState family of restoration products into the tool. Symantec LiveState Recovery returns a computer to a trusted state, and Symantec LiveState Delivery can centralize provisioning, configuration and updating of workstations. We understand that Symantec has become increasingly active in the Power & Energy sector. Please give us an overview about Symantec’s enterprise solution for this market? Any examples?

Enrique Salem: Symantec believes that utility organizations can improve their security posture and safeguard this critical energy infrastructure using a four-step security process: assessment, policy creation and enforcement, security measure deployment, and security monitoring management.

For assessment, Symantec offers SCADA and DCS security and risk assessment services, corporate network vulnerability assessments, incident forensics, and penetration testing to help utility customers develop more robust information security infrastructures, processes and programs.

Policy creation and enforcement are critical, and Symantec believes the foundation of an effective security practice is a comprehensive, well-conceived security policy. For the control systems used by oil and gas pipeline and power and energy plant operators, security policies must control authorization rights to access critical information, who is authorized to perform what functions, as well as procedures required to ensure effective security. To assist with policy creation and enforcement, Symantec offers two solutions – Symantec Managed Security Services, so that organizations can leverage the expert assistance of Symantec’s security professionals to help create a security policy and deliver training to personnel; and Symantec Enterprise Security Manager, which provides comprehensive, policy-based security assessment and enforcement to management and measure adherence to established security standards.

Security measure deployment is also an important part of the solution, given that today’s security threat landscape is continually changing with new blended threats that leverage different types of malicious code (such as viruses, worms, and Trojan horse programs). Therefore, Symantec recommends protection at the gateway between the Internet and SCADA/DCS network, at the network level and desktop client security to protect against day-zero attacks. Symantec offers award-winning products for each of these tiers: Symantec Gateway Security includes integrated full-inspection firewall technology, protocol anomaly-based intrusion prevention and intrusion detection engines, award-winning virus protection, URL-based content filtering, anti-spam technology, and IPSec-compliant virtual private networking technology with hardware-assisted high-speed encryption; Symantec Network Security 7100 Series IPS appliances leverage an innovative Intrusion Mitigation Unified Network Engine (IMUNE™) that combines protocol anomaly, signature, statistical and vulnerability attack interception techniques (including attacks against ICCP and MODBUS protocols) to accurately identify and block known and unknown day-zero attacks, and worms from spreading throughout corporate and control system networks; and Symantec Client Security provides threat protection through integrated antivirus, firewall, and intrusion detection for remote, mobile, and networked client systems.

The final piece of the solution is security monitoring management. Implementing “technology-only” solutions without close monitoring and management actually undermines the effectiveness of security devices. While hiring experienced IT security professionals to monitor network security devices can help to mitigate risk, this option is cost-prohibitive for most utility companies. Therefore, Symantec Managed Security Services provide 24/7 centralized management and monitoring of protection technologies along with early warnings, incident response, and decision support. These services ensure that all security devices are configured properly and fully patched, while security experts monitor the actual activity on each device to detect malicious activity in real time. How about the Healthcare, Financial Services, and Telecommunications verticals? Any recent success stories you care to mention?

Enrique Salem: Symantec offers a range of solutions for managing, measuring and reporting on compliance, defending against attacks, and educating end users about how to reduce security risks.

Symantec recently announced the availability of Symantec IP-ATM Security, the industry’s first complete real-time endpoint compliance solution to implement fully protected Internet Protocol (IP) Automated Teller Machines (ATMs). Symantec IP-ATM Security includes antivirus, host intrusion prevention, device control, policy enforcement, remediation, and control over managed and unmanaged endpoints to provide banks a secure and manageable ATM infrastructure. Using our solution, banks and financial institutions can mitigate the risk from malicious attacks, viruses and hacking attempts to provide a safe banking experience for their end customers. Symantec recently announced that it has added new protection features to its consumer and enterprise antivirus solutions. May we have an overview?

Enrique Salem: In order for Internet security solutions to be effective, they must keep pace with the rapidly evolving threat environment. Therefore Symantec delivered product technology updates to our consumer and enterprise antivirus solutions to help ensure users have expanded protection against stealth computer threats.

The updated antivirus scanning engine removes many of today’s most stubborn threats from home and enterprise computer systems through its new driver technology. The engine works before the operating system loads - in kernel mode - and protects users against malicious code that attempts to hide from current scanning methods. By operating in the kernel mode, the engine can open locked files, bypass programs running in the computer's user mode, and initiate repairs during the system boot cycle. So much like an airport x-ray machine can look inside luggage and identify items that security guards are unable to see, the new antivirus scanning engine can look deep inside a computer system to handle malicious code, adware, and spyware that are hidden from users by stealth technology. “Phishing” threats are becoming more prevalent and sophisticated and identity theft is on the rise but many end-users still do not understand the term “Phishing”. Please give our audience an overview of “Phishing”. What can enterprises do to prevent these attacks from happening and what can individuals do to protect themselves?
Enrique Salem: Phishing is an online scam where fraudsters send millions of e-mails to random accounts. The e-mails appear to come from popular Web sites or from the consumer’s bank, credit card company, e-mail provider, or Internet service provider. The e-mails often inform consumers that the company needs personal information, such as their credit card number or password, to update their account. Many times, the e-mails include a URL link that takes consumers to what appears to be a legitimate Web site. However, the site is actually a fake or “spoofed” Web site. Once consumers are on this spoofed site, they are asked to enter personal information that is transmitted to the phisher.

To protect themselves from phishing scams and other forms of online fraud, consumers should use an up-to-date Internet security solution that provides virus protection, spam filtering and privacy controls, such as Norton Internet Security. Computer users should also refrain from providing personal information to suspicious e-mails and Web sites, thoroughly read End User License Agreements (EULA) when downloading programs or purchasing items online, and they should also create secure, complex passwords that are changed frequently.

However, phishing is an issue that also affects enterprises. Companies should be concerned about phishing because scammers could compromise their customers’ accounts. Not only can this cause financial harm to consumers, but it also hurts their business. The use of a company’s name in a phishing scam can weaken the company’s credibility and diminish the value of its brand. Phishing e-mails are also making their way into enterprise desktops, which not only makes employees’ personal information vulnerable to fraudsters, but it also opens up the possibility of confidential corporate data from being shared with phishers.

Enterprises can take proactive steps to protect their company and the consumers who trust their brand. First, they should define consistent policies for contacting customers via e-mail. These policies should be clearly communicated to employees and customers. Enterprises should also set up a contact point, whether it be an e-mail address, Web page or phone number, where customers can report fraud. If a Web site is involved, they should request that the host ISP remove the site. Enterprises in the U.S. can contact their local FBI office and the FBI Internet Fraud Complaint Center at and the Federal Trade Commission. Companies in other countries can contact the national law enforcement agency that manages consumer fraud. Financial institutions can also look to solutions like the Symantec Online Fraud Management Solution, which protects companies and their customers by blocking fraudulent e-mails from reaching consumers and alerting companies when their customers are under attack. The Symantec Online Fraud Management Solution also provides customer education, customer desktop security assessment and customer protection technologies that guard consumers as well as the company’s network. What type of recent virus threat information is posted on
Enrique Salem: Symantec’s Web site, provides a synopsis of the latest virus-related threats discovered by Symantec Security Response, including information on the threat’s risk through our Category Rating, the name of the threat, the day on which the threat was identified, and the day on which a virus definition was added to protect against the threat. It also provides customers with removal instructions and security best practices to protect against the threat. What resources; such as webinars, case studies, and white papers, are available at for end-users?

Enrique Salem: In addition to information on the latest threats, also offers advisories on major security developments; in-depth introductions to the new breed of threats such as phishing and pharming, spyware, bots and Trojans and how users can protect themselves; as well as information on our industry-leading security and availability solutions. End users can also view webcasts and featured articles, and find a variety of downloads, such as virus removal tools, product updates and manuals, white papers and trialware. Several Government mandates have been enacted recently to improve the security of public and private sector networks. Please give us an overview of FISMA, HIPAA, FFIEC, Gramm Leach Bliley Act and Sarbanes-Oxley.

Enrique Salem: I’ll start with the Federal Information Security Management Act. The goal of FISMA is to develop a comprehensive framework to protect the government’s information, operations and assets by providing adequate security for the Federal government’s investment in information technology. FIMA requires the implementation of policies and procedures to cost-effectively reduce information technology security risks.

The Health Insurance Portability and Accountability Act is an important law designed to improve the efficiency and effectiveness of the health care system, help providers access patients’ health care information, standardize the way information is handled, and ensure that patient health information remains strictly confidential. The Administrative Simplification aspect of HIPAA developed standards and requirements for protecting the privacy of patients and information security.

The Federal Financial Institution Examiners Council provides direction to regulatory examiners and auditors in assessing the quantity of risk and the effectiveness of the institutions’ risk management processes, and to determine the institutions’ compliance with specified technology-related regulations. Specifically, its guidelines address security measures that should be considered by financial institutions to ensure system reliability, confidentiality, integrity and availability.

The Gramm-Leach-Bliley Financial Services Modernization Act requires that financial institutions ensure the security and confidentiality of customers’ personal information against “reasonably foreseeable” internal or external threats.

And the Sarbanes-Oxley Act is a critical piece of legislation that affects corporate governance, financial disclosure and the practice of public accounting. It mandates that organizations ensure the accuracy of financial information and the reliability of systems that generate it. Symantec Vision 2006 is coming up May 8-11 2006 in San Francisco. How about an overview of the Conference?

Enrique Salem: Symantec Vision 2006 provides a unique opportunity for participants to evaluate the latest tools, technologies and techniques in security and storage to improve the way they work and do business. The conference is designed to offer insightful keynote sessions with the latest news on where the IT industry is heading, educational breakout sessions to keep customers up to speed with real world techniques, product demos from exhibitors for a sneak-peak at cutting-edge IT solutions, as well as extensive tutorials and hands-on labs for in-depth knowledge.


Please read our Terms of Use and Disclaimer.
  Investment Guide To 350+ Security Stocks©.