Full RSS Feed
Receive
the Free CMSWire NewsletterThis week it’s all about security. Symantec has come back from its Vision annual conference where it announced that it intends to spend US$ 1.25 billion on acquisitions and gives the world a chance to see its O3 cloud security offering. Android gets more security, while MS says zero-day attacks are relatively rare. WebLayers beefs up its governance.
Symantec Reveals US$ 1.25 Billion War Chest
If you weren’t aware of the fact that Symantec is looking to become the top security company following the acquisition of VeriSign and Clearwell, the company has announced that it intends to spend more than US $1.25 billion in the 2011 fiscal year on further acquisitions.
Speaking at its Vision annual conference in Barcelona, Symantec CEO Enrique Salem said that, in particular, it is looking to enhance its reach in the field of mobile, virtual and cloud security. During a press conference, he said:
We'll look at a range of different things. We're interested in extending our portfolio to do more in mobility and cloud computing, and we'll look at what we can do in the virtualization space.”
While the Clearwell acquisition cost Symantec about US $390 million, it seems it won’t be happy until it becomes the top dog in all security-related areas, including e-Discovery.
In the cloud, it is already in the process of teaming up with companies such as Salesforce and Amazon to help them develop secure cloud infrastructures.
And the strategy seems to be paying off. Salem said the VeriSign deal is already bringing dividends to the company, although he didn’t go into any detail about how much and in what way.
Cloud Security From Symantec
The Vision conference also gave Symantec a chance to show off Symantec O3, a cloud security platform designed to protect enterprise cloud applications and cloud infrastructures.
Symantec O3 combines access control, information protection and compliance control in one security solution, allowing enterprise customers to extend their internal security policies to public and private cloud services.
It does that by establishing a new security control point that applies consistent identity and information security across cloud services. Symantec O3 provides three core security layers.
The cloud access control layer leverages an enterprise's existing identity infrastructure for authentication while enabling authorization and federation services.
Given that a recent Symantec survey showed that 44% of CEOs said they were cautious about moving business-critical applications to the cloud, with 76% citing security as a main concern, O3 looks like a smart move for Symantec. More on this as it happens.
Zero-Day Attacks Minimal, Microsoft Says
Microsoft has released its Security Intelligence Report, which found, probably to the relief of a lot of companies, that less than 1% of exploits in the first half of 2011 were against zero-day vulnerabilities.
Zero-day vulnerabilities are software vulnerabilities that are successfully exploited before the vendor has published a security update or “patch.”
The flip side of that is that 99% of all attacks during the same period distributed malware using techniques such as social engineering and unpatched vulnerabilities.
The report also revealed that user interaction, typically employing social-engineering techniques, is attributed to nearly half (45%) of all malware propagation in the first half of 2011.
In addition, more than a third of all malware is spread through cybercriminal abuse of Win32/Autorun, a feature that starts programs when external media, such as a CD or USB flash drive, are inserted into a computer. 90% of infections that were attributed to vulnerability exploitation had a security update available from the software vendor for more than a year.
Continue reading this article:
Email It
