Search:  

 Blog     e-Newsletter       Resource Library      Directories      Webinars     Apps
AFCEA logo
 

Commercial Firm Warns of Threat to Federal Computers

August 2008
By Michael A. Robinson

Cyberspace heats up with both constructive and destructive activities.

Chalk it all up to Melissa, a computer virus that spread rapidly on the Internet and shut down entire e-mail systems. For both the computing public and the information security industry, the Melissa virus—named for a Florida lap dancer, of all things—was a huge wakeup call.

Across the nation, millions of personal computer users, corporate executives and government leaders suddenly realized how the powerful technology of the Internet left their machines, critical information and even entire networks vulnerable to malicious attacks. At Symantec Corporation of Cupertino, California, executives quickly saw a business opportunity in making and marketing antivirus software to a wired world.

That was in March 1999. Just a few months later, the Symantec board recruited John W. Thompson, a 28-year veteran of IBM, to become Symantec’s chief executive officer (CEO). Thompson wanted to make Symantec exactly what it is today: a global leader in cybersecurity.

In a recent interview with SIGNAL, Thompson says that Symantec increasingly is devoting its resources to protecting federal computer networks from what he describes as almost non-stop attacks, some designed for financial gains and others motivated by “geopolitical” agendas.

Indeed, Thompson recently returned from Washington, D.C., where he spent two days meeting with key customers including U.S. Defense Department and civilian agencies. He says he warned them about a growing conundrum: increased use of the Internet by federal agencies makes them more efficient and responsive to citizens but also increases the likelihood that sensitive data will be breached or even destroyed.

“The Defense Department has two sides to every coin,” Thompson states. “There is clearly the protected sensitive intelligence network. Then there is the side of the department that is facing the Internet. In other words, [employees] are allowed to go out and surf the Web and do things like you would in a commercial account.

“Suffice to say that as the civilian agencies and the Internet-facing side of the Defense Department move more information using the public Internet infrastructure, they become more susceptible to the threat environment that is out there,” he declares.

Symantec has a full suite of products designed to protect computer networks and critical data with antivirus programs, encryption technology, data backup, and e-mail security for both commercial and federal organizations. But Thompson indicates that the sheer volume of attacks means that federal officials must remain highly vigilant. Consider that in six months last year, Thompson says, Symantec’s widely known Internet threat reports cited some 400,000 attacks.

That number represents an exponential increase in such activity. In fact, just three years ago, perhaps some 10,000 to 12,000 computer attacks were registered in an entire year. Ironically, despite having what seems like an army of officials hired to protect critical government data, federal computers remain prime targets for hackers and designers of viruses, worms, Trojan horses and other forms of malware.

“Candidly, I think government customers represent about 25 percent of all attacks,” Thompson states. “The commercial world accounts for the rest, but you have to divide commercial into banking, retail, insurance and so forth. And no single subcategory represents as much of the attack activity as the government does.

“What has happened over the past two years or so is that the attacks have become much more targeted. And so it is likely we will see any number of new highly targeted attacks that don’t hit the radar screen—if you will—for the broad consumer market; [they] certainly don’t show up in the drive-time news reports we used to see years ago when viruses were running rampant across the Internet.”

Thompson notes that government compliance remains a fervent market for Symantec. That is because the 2002 Federal Information Security Management Act (FISMA) requires federal agencies to improve the security of information technology systems, applications and databases. Among other things, FISMA forces federal agencies to provide risk assessment, incident response, intrusion detection systems and tools, malicious code prevention, and individual identification and authentication. Thompson says Symantec has several technologies designed to help federal organizations remain compliant.

For example, Symantec BindView Policy Manager maintains more than 1,500 universal controls that perform compliance analysis across multiple regulations. Symantec Control Compliance Suite applies advanced technology and automation to help implement, measure and maintain compliance with security configuration standards.

In the meantime, the company is focused on a “very, very important area of opportunity around data loss prevention,” Thompson allows. “There are tremendous assets that live within the federal government’s systems infrastructure. And while firewalls and intrusion sensors are important, they are kind of ‘jacks are better’ in this game.

“You need information-based security technologies to help,” he continues. “So, our encryption technologies at the endpoint, our data loss prevention technologies at the storage or network or endpoint tier really do give us a differentiated position in the federal space.”

When Thompson joined the company nine years ago, he wanted to better balance Symantec’s blend of sales to consumers and large organizations, the latter referred to as the enterprise market. He also wanted to double sales to $1 billion.

For fiscal year 2008, which ended March 28, the world’s fourth-largest software company had sales of just under $6 billion, up 13 percent from the year-ago period. Net income rose 13.6 percent to $1.13 billion.

The enterprise market accounts for roughly two-thirds of sales, Thompson says. Of that amount, about 15 percent, or $600 million, stems from total government sales, including state, local and federal agencies, he adds, without disclosing the percentage for each sector.

Mergers and acquisitions have played a key role in the company’s growth and will continue to be a part of the company’s business strategy, Thompson says. They will account for between two and three percentage points of a projected annual growth rate of 8 percent to 12 percent.

Formed in 1982 as a corporate divestiture, Symantec overcame early struggles with a key acquisition in 1984. In the 1990s the company vaulted ahead with some 20 acquisitions that included Peter Norton Computing, and that company’s name lives on with Symantec’s Norton Antivirus, among other products.

Symantec has been just as busy in recent years. In fiscal 2007, the company acquired Company-i Limited and 4FrontSecurity Incorporated. The previous fiscal year it absorbed Veritas Software Corporation, XtreamLok Pty. Ltd., WholeSecurity Incorporated, Sygate Technologies Incorporated, BindView Development Corporation, IMlogic Incorporated and Relicore Incorporated.

Thompson recently had another wakeup call in managing Symantec. After the company acquired Veritas, Symantec eliminated the position of chief operating officer (COO) and focused on individual business units. Much as federal agencies have learned, running an organization with stovepipes is not always the most effective way of doing business.

Consequently, earlier this year Thompson brought back the COO’s position and gave the job to Enrique T. Salem. A former Symantec executive, Salem had gone on to become CEO of Brightmail, a leader in anti-spam software that Symantec acquired in 2004.

Salem is a “very talented young executive who has proven himself in every job we have given him,” Thompson says. “It’s a great promotional opportunity for him and a great thing for our company and our investors.”

For the past six years, Thompson has served on the National Infrastructure Advisory Committee (NIAC), which President George W. Bush formed to make recommendations regarding the security of the critical infrastructure of the United States. Members represent major sectors of the economy—banking and finance, transportation, energy, information technology and manufacturing.

“What the NIAC certainly has demonstrated for me is that protecting our nation’s critical infrastructure does require a public-private partnership,” Thompson says. “The vast majority of the critical infrastructure in this country is owned by the private sector and, therefore, if we are going to protect it from attacks of all types, we must work together to do that.

“I am struck [by] how many people in the private sector are willing to lend support to the effort,” he emphasizes. “There are quite a few firms that have very, very high-level people involved and have many of their thought leaders engaged in driving work projects. We have done many, many projects over the past five or six years now.

“I think they have all been helpful to the government,” Thompson allows. “The question is, can they [federal officials] implement all the ideas that we can come up with? And I think that is very challenging.”

Web Resources
Symantec: www.symantec.com
NIAC: www.dhs.gov/niac