The Future of Symantec Risk and Compliance Solutions 1

Kurt Van Etten: Director of Product Management Threat & Risk Management

November 2012

The Future of Symantec Risk and Compliance Solutions

2

Disclaimer

Any forward-looking indication of plans for products is preliminary and all future release dates are tentative and are subject to change. Any future release of the product or planned modifications to product capability, functionality, or feature are subject to ongoing evaluation by Symantec, and may or may not be implemented and should not be considered firm commitments by Symantec and should not be relied upon in making purchasing decisions.

SYMANTEC VISION 2012

Agenda

The Future of Symantec Risk and Compliance Solutions 3

Moving From Compliance to IT Risk 1

Leveraging Existing Investments 2

Single Platform for Many Jobs 3

Actionable Intelligence 4

SYMANTEC VISION 2012

Risk And Compliance Maturity Curve

The Future of Symantec Risk and Compliance Solutions 4

Comply with key mandates

Stay ahead of threats

Focus on top priorities

Build sustainable risk program

Connect to business

70 % CISOs report increased executive awareness 50% expect increased business influence Only 1 in 8 feel Info Sec can influence business decisions

Source: IREC 2011

SYMANTEC VISION 2012

Expanding From Compliance To Risk – Drivers

The Future of Symantec Risk and Compliance Solutions 5

Compliance Centric

Risk Centric

• Driven by external mandates

• Focus on pass / fail checkbox

• Large volume of audit findings leads

• Point in time view

• OFTEN SUBJECTIVE

• Driven by business needs

• Focus on continuous improvement

• Risk-prioritized issues drive action

• Continuous Monitoring

• DATA DRIVEN

SYMANTEC VISION 2012

Expanding From Compliance To Risk – Constraints

The Future of Symantec Risk and Compliance Solutions 6

“I need a way to leverage my

existing investments”

“I want to use the same platform to complete many

jobs”

“I need actionable intelligence to make better decisions”

SYMANTEC VISION 2012

I Need To Leverage My Existing Investments

The Future of Symantec Risk and Compliance Solutions 7

Use the infrastructure I

have

• No need to displace existing solutions

• Help my existing solutions work together

1 Quick time to

value

• Integrate security information from multiple technologies

• Automatically updated data mappings

2 Keep my costs

down

• Minimal initial set-up costs

• Easy to maintain interface between 3rd party systems

3

SYMANTEC VISION 2012

Symantec Partner Developed

Community Supported

Additional Connectors

Symantec Connector Strategy

The Future of Symantec Risk and Compliance Solutions 8

Information Protection

Endpoint Security

Infrastructure Security

Network Security

Application Security

Security Management

Identify and Access Controls

Symantec Built

Symantec Tested

Symantec Supported

Supported Connectors

SYMANTEC VISION 2012

Symantec Connector Roadmap

9 9 The Future of Symantec Risk and Compliance Solutions

• Endpoint Protection

• Data Loss Prevention

• CCS Standards Manager

• CCS Vulnerability Manager

• Security Information Manager

• Critical System Protection

• Encryption

Symantec Third Party

• Qualys

• Rapid7

• HyTrust

• Salesforce

• Bit9 • Catbird • Cenzic • Core Security • Courion • eEye • Imperva

• RedSeal • SailPoint • Skybox • Tenable • Veracode • VMware

Create custom connectors with open

SPC Enterprise platform

• Symantec DeepSight™

• Managed Security Services

• Mail Security for Exchange®

• Messaging Gateway

• Web Gateway

• VIP User Authentication

• Certificate Intelligence Center

• Mobile Device Management

• Endpoint Management

• Symantec NetBackup™

• Symantec Backup Exec™

SYMANTEC VISION 2012

I Want One Platform To Manage My Security Program

The Future of Symantec Risk and Compliance Solutions 10

Scalability is critical for me

• Need to manage

Big Data

• Link to underlying technical assessment technologies

1 Get the right

data to the right user

• Customizable views for multiple stakeholders

2 Help me get

better insights from my data

• Cut the data multiple ways

• Cross-reference data points for unique insights

3

SYMANTEC VISION 2012

Dynamic Dashboards (Web and iPad*)

Managed Security Services (inc. SSIM)

Symantec Endpoint Protection

CCS Standards Manager

Critical System Protection

Symantec Encryption

CCS Vulnerability Manager

Data Loss Prevention

Virtualization Security Manager

Symantec Approach: One Platform Three Views

Asset System Security Intelligence Data Store

Security Metrics and Analytics Platform

Compliance View Security Metrics View Risk Management View

11 The Future of Symantec Risk and Compliance Solutions

SYMANTEC VISION 2012

I Need Actionable Intelligence To Make Better Decisions

The Future of Symantec Risk and Compliance Solutions 12

I need data relevant to my

business

• Data that supports business critical operations at your fingertips

1 I need to prioritize

• Know what to fix first so you make best use of resources

2 I need to drive

action

• Get clear direction on how to address identified risks

3

SYMANTEC VISION 2012 The Future of Symantec Risk and Compliance Solutions 13

Actionable Intelligence: An Example

Identify Compliance Failures & Focus Remediation

SYMANTEC VISION 2012

Actionable Intelligence: An Example

The Future of Symantec Risk and Compliance Solutions 14

Identify Sensitive Data & Focus on Critical Exposures

SYMANTEC VISION 2012

Actionable Intelligence: An Example

The Future of Symantec Risk and Compliance Solutions 15

Highlight Business or Critical Process Exposures

SYMANTEC VISION 2012

Actionable Intelligence: An Example

The Future of Symantec Risk and Compliance Solutions 16

Drill Down To The Details And Model Risk

SYMANTEC VISION 2012

Actionable Intelligence

The Future of Symantec Risk and Compliance Solutions 17

Monitor Action Plans

SYMANTEC VISION 2012

Roadmap Themes

The Future of Symantec Risk and Compliance Solutions 18

Interoperability

• Virtualization Security

• Robust Connectors • WebSphere

Risk Management Usability

• Internationalization • Simplified

architecture • Mandate-based

reporting • Web-enabled

dashboards

• Risk Manager • Vendor Risk • Risk modeling

Thank you!

Copyright © 2012 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

19

Kurt_Van_Etten@symantec.com

Steve_Blair@symantec.com

The Future of Symantec Risk and Compliance Solutions

SYMANTEC VISION 2012

Actionable Intelligence: An Example

The Future of Symantec Risk and Compliance Solutions 20

Drill Down To The Details And Model Risk