Symantec’s legacy goes back more than 30 years, with much of that time focused on helping businesses and consumers around the world protect their information. Its Norton suite of products, including antivirus software, is used by more than 50 million people. Today, Symantec — a DXC Technology solutions partner — offers integrated solutions to defend against sophisticated attacks across endpoints, cloud and infrastructure, and operates one of the world’s largest civilian cyber intelligence networks. Dan Angelucci, DXC’s chief technology officer for the Asia region, recently sat down with Victor Law, Symantec’s chief operating officer for the greater China region, to discuss how cyber security is evolving in today’s digital-centric business environment.


Q: We’ve heard Symantec’s executive vice president and general manager for the Consumer Business Unit and Cyber Services, Samir Kapuria, say: “The lines between technology and humanity are being erased.” I find that interesting. Can you expand on this idea? And how should companies prepare?

A: These days we find that in our daily lives we cannot get away from digital — from running our schedule to even communicating with our family members. As our lives become more digital, the associated risk is becoming more important.

A couple of things are important. The first is that we be prepared, because these days no one is immune from these security risks. We need to have a security mindset such that whenever we click on certain email or download certain information, we check the source, whether it is actually from a trusted source or the people that we know. And the other thing is about visibility — especially for enterprises. They need to know where their critical services and critical data are and then have proper security protections, such as multilayered defense. There are also new technologies such as isolation, whereby users’ web traffic is being protected by an isolation layer such that all content, no matter good or malicious, like JavaScript, photo, plug-in and even font file would not be able to touch the endpoint. In this way, users can freely browse the internet and check out email links at will without the need to worry about cyberattacks.


Q: Technologies such as cloud — public cloud in particular — the internet of things, artificial intelligence and others are clearly changing the game. What’s Symantec’s point of view on security and these technologies? What do customers need to know?

A: The adoption of cloud is definitely picking up at a rapid pace, and most customers, before they embark on their cloud journey, may overlook the importance of security. At Symantec, we would advise customers to have a closer look at the adoption in terms of identity protection, data protection and workload — be it on-premises, in a virtualized environment, in public cloud or private cloud. If you do not have that total visibility, there’s literally no way you can defend yourself from these cyber attacks. So, visibility is one important thing. The second is: Do you have the necessary defense policy in place before attacks are going to happen? And last but not least: automation. It’s very important in case of a cyber attack to know whether you really have that process in place whereby you can isolate a certain individual or certain endpoints from the rest of the network traffic so that the impact will be minimal.


Q: How can organizations find the right balance between their need for market speed and agility and their need to manage risk, compliance and security?

A: First and foremost is to have that security-by-design mindset, because once you deploy new technologies, such as the public cloud, artificial intelligence or blockchain, and then wind back and think about security, that’s too late. Before customers or enterprises embark on that new technology adoption, they must first take a step back and look at it from a security standpoint — from two fronts. One, about security infrastructure, be it certain endpoints or the cloud workload. But then, more important, is about the data, in terms of data privacy. We have GDPR [General Data Protection Regulation], the China cyber security law and the like, and, of course, compliance and privacy regulations related to various industries.


Q: Tell us about some of the work Symantec is doing to help organizations secure their modern, digital operations.

A: Symantec is leapfrogging in terms of security technologies, and we are very aggressive in terms of building up cyber security platforms. Our goal is to help organizations to move away from the current security silos, multi-vendors and multi-point products approach, in building an integrated cyber defense platform such that security technologies at key terminal points covering endpoint, network, email and cloud apps can integrate together, offering the benefits of total control and visibility. We believe the platform approach with threat intelligence and process automation can deliver a true proactive cyber defense solution well suited for organizations with modern, digital operations.