Symantec's Salem: Cloud was game-changer for us

Symantec Corp. CEO Enrique Salem outlines why 03 is such a critical initiative for the company, and how cloud and virtualization changed the security threat landscape and the business opportunities for Symantec.

For Symantec Corp. CEO Enrique Salem, the three critical issues facing IT leaders today -- and the three biggest opportunities for his 'information protection' company -- are cloud, virtualization and the consumerization of technology. In this installment of the IDG Enterprise CEO Interview Series, InfoWorld Editor-in-Chief Eric Knorr and IDGE Chief Content Officer John Gallant caught up with Salem shortly after his RSA Conference keynote describing Symantec's cloud-focused security strategy,dubbed 03.

In this discussion, Salem outlines why 03 is such a critical initiative for the company, and discusses how cloud and virtualization change the security threat landscape and the business opportunities for Symantec. He also talks about why Symantec isn't overly concerned about Intel Corp.'s purchase of McAfee, Inc. and what it means for Symantec to be on its own in a market with competitors like Intel, IBM, Cisco and other giants. Salem also outlines what's ahead for Symantec's non-security businesses in storage and systems management, and how collaboration and social networking will change everything for organizations in the years ahead.

Q: What is 03 and why is it such a critical initiative for Symantec?

A: In computing, there are big transitions that happen every few years. We are in that next transition. I predict that the five years starting from 2010 to 2015 will have the most significant technological change that we've seen in the last 25 years. The reason I say that is that we are going to see a big move to the next generation of what I call distributed computing. Cloud computing to me is just the next generation of distributed computing; it is taking distributed computing one step further. I call it hyper-distributed computing.

What you don't want is different systems in IT for each of these different things. You don't want one system for your on-premises technologies, a different set [of tools] for mobile computing, another set of systems for dealing with cloud-based services. That is a nightmare. Also, IT is always trying to be more efficient with costs.

With 03 we said, 'let's create a layer that can be an integration point for a number of things'. One, you need a policy engine that lets you set policies. What devices do I trust? What information can go on those devices? Should this user have access to that information? Then you need to have enforcement, something that actually says 'yes' or 'no' based on the policies. And then you need to have audit and governance that reports against what actually happened. As the ozone is the layer that protects the earth from the harmful rays of the sun, we believe you need something similar in business. The ozone is made up of three oxygen molecules. So that is O3, and we have three layers. We have a policy layer and an enforcement layer and then an audit or governance layer that can be used broadly across enterprise computing.

To continue reading this article register now

7 hot cybersecurity trends (and 2 going cold)