Security software gets outside boost

Symantec reflects on a year since Trojan horse wake-up call.

arie danon 88 298 (photo credit: Courtesy Photo)
arie danon 88 298
(photo credit: Courtesy Photo)
Just over a year since the infamous Trojan horse case implicated some of Israel's leading businessmen for infiltrating competitors' systems to steal information, the need to protect sensitive data remains as prevalent as ever as private users have become even more vulnerable to profit seeking attacks. "The Trojan horse changed companies' understanding that it is very important to protect the end-point computer making end-point security one of the hottest topics today," said Arie Danon, Mediterranean regional manager of security software provider Symantec in a recent interview. "This was just an example in Israel that went very strongly to the media but these things happen all the time. There are a lot of attacks aimed at stealing information, your identity, to gain access to your computer, and today home users are as exposed as enterprises." The Trojan horse shake-up of May 2005 saw a number of senior executives across various sectors detained for using sophisticated software to infiltrate the computer systems of their competitors in order to steal classified commercial information. The case was a landmark in Israel and was indicative of the global trend that viruses and other software attacks were now being used for profit. "The strongest trend in the last few years has been a movement from initiating viruses for fame, such as the Melissa virus a few years ago, which was the name of the attacker's girlfriend, to profiteering aimed at stealing sensitive information," Danon said. As a result, Dan Yachin, research director for EMEA emerging technologies at research company IDC, explained that the security market has developed into a more pro-active one aiming to identify attacks as soon after the outbreak as possible. "Viruses are becoming more and more sophisticated and aggressive and they're using very sophisticated methods, spreading very fast and propagating on a very large scale," Yachin said. Similarly, Danon noted that Symantec has invested a lot of effort to become more pro-active rather than reactive in providing data protection software. "One of the acquisitions that we made in the security arena was in a company that has the ability to detect unknown attacks," Danon said. "That is giving protection from an attack before we know about it. So before we see an attack, virus, or virus definition, we have the software to protect against it and this will be part of our next anti-virus product." As the nature of attacks get harsher and with the rapid acceleration of their presence on the Internet, the market for anti-virus protection has developed into one of the fastest growing software industries. Research group Gartner reported recently it expects the worldwide anti-virus software market to continue its double-digit growth for the short term. Worldwide revenue for anti-virus software grew 13 percent in 2005 to $4 billion, a figure quadruple the level just three years earlier. Gartner showed that in 2005 Symantec, with its flagship Norton anti-virus product, enjoyed a 53.6% market share, while its closest competitor McAfee held 18.8%, followed by Trend Micro with 13.8% and Panda Software, which had the strongest growth last year, 3.2% of the market, the rest being made up by smaller vendors. Symantec can expect to face greater competition, however, from Microsoft Corp., a newcomer to the consumer anti-virus software market, which grabbed 15% of the market already in June, following the release of its product in April. Gartner said that Microsoft's participation in the market is expected to bring price pressure to the competition as the software giant steps up its activities to increase its stake in the market. Symantec meanwhile has shifted towards offering enterprises both its security platform and its "availability" offering which provides backup, clustering, e-mail archiving, and disaster recovery facilities to ensure a company maintains the ability to know that its data is available if something happens to it. "Traditionally 'availability' is a different market which has also been on a constant growth," IDC's Yachin said. "Symantec is doing wisely as they try to incorporate availability with security because at the end of the day companies want one source to deal with everything [security and availability]." The strategy to combine security with availability was a stimulus to Symantec's $13.5 billion merger with storage software company Veritas Software, which closed last year and also gave the company its first Israeli-based research and development facility in Ohr Yehuda. With the Petah Tikva sales office also responsible for activities in Turkey, Greece, Cyprus and Malta, the Israeli market has been a relatively successful one for Symantec and Danon noted that the growth in sales there has been higher than the global Symantec growth for the last six or seven years since it has been operating in the country. "Israel is a very advanced market with users that are early adapters of technologies and new products are often sold much faster than other countries in Europe," he said. While Danon insisted he was not in a position to know about prospective acquisitions in Israel, he noted that given the level of activity there, Israel was a natural place for major corporations in the security market to look. "Israel is considered the Silicon Valley of the region and we look at it as a very hi-tech, very advanced country, especially in the security market," Danon said. "The proof is in the number of start-ups here and the technology that comes out of Israel, so of course Symantec looks to Israel [for acquisitions] as do others." Meanwhile, with security still the hot topic in Israel and abroad, and the market being driven by an increasingly aware consumer base, vendors are also changing their offering to the market. "There are clear indications that the consumer segment has begun to commoditize, and we expect to see a major change in product offerings and functionality that will affect this market as well as the enterprise segment," Gartner said in its report. Consumers currently need to buy separate products to provide anti-virus, anti-spyware and other security related functionalities for their computers, but the trend in the market is towards convergence to create an all-in-one approach to end-point security suites. The move towards convergence becomes all the more relevant given Danon's caution that people all too often make the mistake of confusing terms such as virus, spam and spyware, or phishing attacks, thus thinking that their standard anti-virus software gives them protection from each. "When we talk about securing an end point, it's not just an anti-virus. It's a matter of providing anti-virus, firewall, intrusion prevention and being able to see that the work station connecting to the network is complying to the policy of the organization," Danon said. "Someone who has been away from the network even for a short period and returns to work is vulnerable because he hasn't received the necessary updates." As such, the Trojan Horse served as a wake-up call for the Israeli market and as a boost for the local software security industry both in the corporate and consumer segments of the market. IDC's Yachin noted that in addition to the rise in enterprises activity, the trend has been evident by the fact that the ISPs (Internet Service Providers) are increasingly trying to keep up with new kinds of threats on behalf of their customers, which has made private users more aware of the needs of security solutions on their desktops. "The Trojan Horse served as a major driver for many types of technologies, not only anti-virus. ISPs are doing a better job today than they did before because the public has become more aware of the threats," Yachin said. "There is also a growing awareness in Israeli enterprises towards the cyber threat of supposedly trusted employees and the potential damage they pose to organizations."