By Samer Batter
An interview with Kevin Isaac, Regional director, Symantec, on the state of the Saudi market.
An interview with Kevin Isaac, Regional director, Symantec Q- Some reports claim that Saudi is among the top source countries of SPAM; having several PCs taken control of by hackers who are using these infected PCs as the so called Zombie PCs to send SPAM or viruses?
Kevin Isaac Many people offer claims and statistics because the market loves numbers and is excitedly receptive to numbers and reports, but all that needs to be verified and supported on the ground.What I can tell you for sure is that the numbers of “Zombie PCs” in Saudi is within normal limits which is around 350 “networks of Herded machines” that is a group of manipulated PCs under the control of hackers. That number is considered a little bit alarming however if we consider the total number of connected PCs in Saudi, the USA however is once again the source of the most attacks and Spam by volume.
Q-How do you see the Saudi market in terms of IT security awareness? And the general outlook in the ISPs internet and telecom markets?
Kevin IsaacI am quite optimistic at the current state of affair in the Saudi market opening up the economy and the ICT commission helping develop the telecom sector to competition which is great in making headway in that ,ahead of other countries in the region. ISPs are going through their paces with normal lifecycle developments, so offering ecommerce requires security and protection vigilance. The danger with ecommerce lies in lax security with increased exposure to threats. Where there is a single ISP there is a good point in its ability to control the spread of spam and spyware spreading in the country. While in Saudi, where there are several ISPs, there is a need for further consolidation and cooperation to fight those threats and limit their effects on the whole country by setting common key objectives to protect users in case of serious attacks and to effectively fight Phishing and online fraud. There is a big issue of perception and behavior of internet users in Saudi, that need to be changed by better educating people about the implications of lax security levels and practices. Software piracy is part of the problem because no proper level of protection is available with pirated security software. Another area we are looking at addressing now, is mobile computers upon connecting to the enterprise network after using them in different environments that may have them exposed to infections.
Q-The recent industrial espionage incidents give the impression that some Trojans or other threats are smarter than all the security that several global enterprises were fooled by it?Kevin IsaacProper protection requires combined layers of defenses, you need protection both ways, so if a company is using anti-virus to fend off incoming threats, there must be other layers of protections to handle outgoing data, firewalls can help here to stop illegitimate outgoing data from inside ,whether it is an infected CD, as was the case with the industrial espionage incident , or other possibilities. What is effective here is a combination of firewall technology, intrusion detection and anti-virus software.Q-Do you see any conflict of interest in Microsoft offering its products then asking users to pay again for faulty code?
Kevin Isaac You are saying that, I have no comments on this.
Q-How do you see Microsoft offering a new subscription based protection, in direct competition to your products and services?Kevin IsaacMicrosoft has the knowledge to offer safer and better code in the OS, that is stated, we have extensive experience in other valuable areas.Through our internet sensing centers , DeepSight and other solutions and products, we are better equipped ,with those kinds of expertise and knowledge, to offer internet protection against online threats. If an online equivalent of the tsunami would happen, our timely alert capabilities will be a better way to face it prepared ,than trying to limit the damage afterwards.