Evolving security for social networks

By Victoria Ho

While companies mull ways to educate users on practicing safe online behavior, "evolving" technology could help pick up where human discretion leaves off, according to Symantec's chief technology officer.

Mark Bregman, in an interview with ZDNet Asia, said the increasing ubiquity of online interaction through social networking sites zeroes in on one of the network's weakest points--users.

Users are also the natural focal point of attackers, who are more motivated by profit than fame. Users make an easier target for attackers because advances in security technology make breaking into physical networks of enterprises a harder task, Bregman said.

To that end, companies have preached education as a way to patch up the user problem, but education has its limits, he noted. "The challenge in protecting information privacy is both technical and behavioral--users need to know not to post sensitive company information, but traps set to dupe users are an issue.

"In real life, there is information you get about dodgy places from your parents and society, but there are fewer ways to tell [a Web site's safety] online," he said.

In order to deal with this problem, security software is "evolving" to address the social networking issue, said Bregman.

He said Symantec will focus research on this category this year, gathering data to help its software make better judgment calls on software "hygiene".

For example, an executable file residing on many "clean" PCs is likely to be a good one, while a strange file found on only a handful of PCs, which are themselves deemed dubious in terms of having adequate protection, will raise question marks, he explained.

He distinguished this method of "reputation-based" listing from the older methods of creating black- and whitelists for software, because the "volume of software we're analyzing to create the lists is overwhelming".
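The prevalence-and-hygiene judgment described above can be sketched as follows. This is an added example, not Symantec's code or algorithm; the hygiene scale, both thresholds, the host names and the file names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample data: host -> hygiene score in [0, 1], where 1.0 means
# well protected with a clean history. Scale and values are assumptions.
HOST_HYGIENE = {"pc01": 0.95, "pc02": 0.90, "pc03": 0.92, "pc04": 0.88,
                "pc05": 0.91, "pc06": 0.20, "pc07": 0.15, "pc08": 0.85}

# Constructed sightings: (file label, host the file was seen on).
SIGHTINGS = [
    ("editor.exe", h) for h in ("pc01", "pc02", "pc03", "pc04", "pc05", "pc08")
] + [("updater.exe", "pc06"), ("updater.exe", "pc07"),
     ("inhouse_tool.exe", "pc01"), ("inhouse_tool.exe", "pc02")]

MIN_PREVALENCE = 5   # assumed: clean hosts needed before a file counts as common
CLEAN_HOST = 0.8     # assumed: hygiene at or above this marks a "clean" PC


def file_reputation(sightings, hygiene):
    """Return {file: (verdict, clean_hosts, total_hosts)}."""
    hosts_by_file = defaultdict(set)
    for name, host in sightings:
        hosts_by_file[name].add(host)   # a set ignores repeat sightings per host

    result = {}
    for name, hosts in hosts_by_file.items():
        # Hosts with no hygiene record default to 0.0: no evidence of protection.
        clean = sum(1 for h in hosts if hygiene.get(h, 0.0) >= CLEAN_HOST)
        total = len(hosts)
        if clean >= MIN_PREVALENCE:
            verdict = "good"         # resident on many clean PCs
        elif clean == 0:
            verdict = "suspicious"   # seen only on poorly protected PCs
        else:
            verdict = "unknown"      # on clean PCs, but too few to judge
        result[name] = (verdict, clean, total)
    return result


if __name__ == "__main__":
    report = file_reputation(SIGHTINGS, HOST_HYGIENE)
    for name, (verdict, clean, total) in sorted(report.items()):
        print(f"{name:18} {verdict:10} clean_hosts={clean}/{total}")
```

The "unknown" verdict is the case a static black- or whitelist cannot express: a rare file on well-protected machines that has not yet been seen widely enough to judge.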

However, such socially attuned software is likely to go to consumers first, before enterprises, because home users--especially children--are likely to be easier targets for such attacks, Bregman said.

Integrated security appliances not sufficient

On products touted as one-stop shops for security, Bregman said they do not provide adequate protection for most companies.

"More layers of security are needed, because not every [threat] comes from outside the network," said Bregman.

Such integrated security appliances are more suited to small businesses, where end-point risks are fewer, he said.

Companies are better off investing in several layers of protection. While unified threat management products may look more attractive to companies in these lean times, Bregman said a multi-layer implementation does not have to be expensive.

CIOs should undertake comprehensive risk assessments to determine the "economics" of protecting their information; make the cost and effort needed to get that set of information higher than the benefit of obtaining the information itself, Bregman explained.

"Too often people think they have to spend a lot on security," he said. But companies only need to make their networks "secure enough so the bad guys look elsewhere", he said.