Symantec says it will not participate in offensive operations

Dubai

The US cybersecurity firm Symantec said on Monday that it would not participate in, nor help facilitate, any offensive cyber operations, stating that such activities ran contrary to the company’s ethos.

In recent years, a number of cybersecurity firms have been implicated in nation-state hacking activities throughout the region.

Asked whether Symantec — best known for its defensive security — would ever offer such offensive capabilities, a company executive speaking to Gulf News at Gisec said it would not.

“That’s not what we stand for,” said Sunil Varkey, Symantec’s chief technology officer for emerging markets. “Even the employees wouldn’t be willing to do that,” he added.

“We are a publicly listed company with clear missions … We’re very clear on what we stand for.”

Symantec is one of the largest providers of antivirus software in the world, recording revenues of $4.84 billion in 2018.

“We will partner with everybody, as long as the objective is to save the world,” Varkey said.

Quizzed on what he meant by this, the CTO explained that the company would only participate in defensive work.

“If someone says, provide me with intelligence where I can defend effectively, or share with my stakeholder groups so I will not be under attack, we are with them,” he said.

“If you say that there is a concern about a technology that is evolving, our team is ready to work with them to take that as a programme to help understand that,” he added.

According to Varkey, Symantec employs 3,000 research professionals who focus on defensive cybersecurity.

“Our success is based on how safe the world is. So if it’s a legitimate use, whether it’s a government or a corporate, we are with them.”

On whether there were any noticeable differences between Symantec’s emerging markets and its more established territories, Varkey said that the story was the same.

“Attackers are attacking everywhere,” he said. “Everyone is attacking everywhere. There’s no difference between geographies, the threats and vulnerabilities are the same.”

He added that the maturity of security procedures and awareness differed between markets.