John Harrison Interview
Symantec Group Product Manager, Endpoint Threat Protection
Your career within Symantec has been wide and diverse, what would you say has been the highlight in your career?
The highlight of my career is at Symantec where in the past year we delivered security solutions to the tens of millions of users to protect them against the web based attack. I feel like we are truly helping to protect enterprise and consumer users and leading the charge in terms of online protection.
Where do you see yourself in five years time?
I really enjoy product management and security so I will be at either Symantec or some similar exciting company. It is scary and exciting to think about how the threat landscape will have changed by then.
With threats being discovered all across the globe, what are the logistics of managing STAR?
We have to be effective with our resources and continue to be proactive and change the game in our threat protection strategies. If we don’t do this we will be in a purely reactive mode fighting threat outbreaks across the world.
What puts Symantec ahead of other companies?
From my perspective it is our Security Technology and Response. Any company can make a product and call it “security software” or a “security hardware.” What differentiates us is our approach to providing the core security technologies, the threat intelligence and the threat content that protects our consumer and enterprise customers.
For the average computer user, what are you top tips in managing your security?
1. Keep ALL your software up to date. Including 3rd party multimedia and reader plug-in.
2. Deploy a comprehensive endpoint security product. Traditional signature based antivirus is NOT enough. Use and turn on all features.
3. Keep your security product subscription current. At 20,000 signatures a day, even 1 day can put you at risk.
4. Be cautious and suspicious. Download software updates directly from vendors websites.
5. Adopt a good password policy. Different and strong passwords.
6. Prevention is the best cure – use proactive technology.
What are your thoughts on the future of internet security?
Security isn’t going away – with financially motivated cybercriminals, they will continue to try new things to infect and take advantage of users.
What has been your most challenging “internet threat”?
The malicious advertisements, or malvertisements, since they are so transient and may only appear every 1 out of 1000 times on a page. It makes tracking them difficult.
With the internet now moving towards portable devices, what do you believe will be the next challenges for developers of internet security?
Helping to ensure the developers of these new platforms build in security from the beginning.
What is the biggest flaw of internet users?
Many users today post too much personal and private information online today without thinking about the repercussions of 5, 10 or 20 years from now. It may impact them when they are applying for a job 10 years from now or having their identity stolen today.
We’ve seen a variety of dangers in the years from viruses to bots and the like, what do you think the next threat will be to users?
It is really hard to say since the changes have been occurring so frequently. With the financial motivation there will be new ways to separate users from their money.
In your professional opinion, do you think there will be a day when the operating system will no longer need internet security software?
I would like to think so, but realistically I don’t think it is possible again tying back to the financial motivation. As we close one hole, the hackers/cyber criminals look for another.
PC versus Mac versus Linux. Do you believe there is one operating system that is superior to the other?
No, especially the way that the browser has essentially become the operating system for today’s web applications.
Your computer at home, PC or Mac and why?
I am a Mac guy primarily for my nature and landscape photography (www.jharrisonphoto.com). For me, working on macs with my images just works easier. It really is just a tool to allow me to get creative!
Walking into the realm of science fiction, do you think that a virus or the like actually be beneficial if you could rework it?
No, the idea of automatically doing something without the users permission (either for good or bad) isn’t good.
Is there such a thing as the perfect virus?
So far we haven’t seen one and let’s hope it stays that way.
With so many different digital threats in the world, how can users or governments catch the perpetrators?
I think the primary goal today is to keep them out, not to catch them since it is so difficult. It is a big challenge considering the lack of boundaries the internet has and often the hacker can be so far away from where the actual drive-by download or server is hosting up misleading applications. It is going to take some joint cooperation to catch the perpetrators.
Have you ever had a virus or the like on your personal computer?
Only on my test systems in an infection network. I have had a fake antivirus application pop-up, but since I didn’t install it, I was safe.