Palo Alto Networks Gouges Cisco, Check Point, Fortinet: Survey

Palo Alto Networks (PANW) gouged rivals Cisco Systems (CSCO) and Check Point Software Technologies (CHKP) during Q1, as Fortinet (FTNT) and Symantec (SYMC) demand toppled, according to a Piper Jaffray survey of 26 resellers and distributors. Meanwhile, cybersecurity vendors Imperva (IMPV) and FireEye (FEYE) improved on Q4 demand, and CyberArk Software (CYBR) and Proofpoint (PFPT) demand remained relatively stable.

Cybersecurity stocks largely fell as of midday trading on the stock market today, with IBD’s 25-company Computer Software-Security industry group down nearly 1.5%. Proofpoint and Fortinet stocks led the plunge, both down more than 4% midday Tuesday. CyberArk stock was down more than 2%, and Palo Alto Networks stock was down more than 1%. Imperva was down more than 2.5%, and FireEye fell nearly 2%. Symantec and Check Point stocks bucked the trend, trading flat and up 1%, respectively.

Check Point is losing to Palo Alto Networks, according to resellers surveyed by Piper Jaffray analyst Andrew Nowinski, but half of the resellers cited Cisco as the rival Palo Alto Networks beats out most frequently. “Cisco and Check Point have consistently been called out by resellers as the vendors most frequently losing to Palo Alto,” Nowinski wrote in a research report. In Q4 and Q3, Juniper Networks was also cited by 13% and 18% of resellers as losing to Palo Alto Networks. “However, this is the first quarter resellers cited Fortinet as competition to Palo Alto, suggesting Fortinet may be moving more upstream into the mid-market enterprise space,” Nowinski wrote.

Only 35% of resellers sold more Palo Alto Networks products than they expected, Nowinski wrote, down from 56% in Q4. The largest distributors say Palo Alto Networks demand trends were unchanged, he added.

Imperva jumped in Q1, as 20% of resellers were above plan vs. 8% in Q4. And FireEye demand improved to 31% below plan from 36% in Q4. CyberArk and Proofpoint were largely in line. But Fortinet and Symantec declined. In Q1, 31% of Fortinet resellers were below plan vs. 14% in Q4. Symantec fell to 50% below plan vs. 29% in the prior quarter.

Cisco Targets Cybersecurity For Productivity, Not Just Defense

Cisco Systems (CSCO) wants organizational leaders to understand that improving their competitive advantage, not just responding to fear, should inspire their cybersecurity strategy. Fearful tales, however, are hard to ignore.

One recent example: Virtually all IT systems of the largest civilian hospital chain in the nation’s capital, including the MedConnect electronic health records system installed by Cerner (CERN), were shut down to prevent the spread of a computer virus in late March. Baltimore-based MedStar Health on March 30 called it a “despicable attack.” The disruption affected thousands of employees and many more patients, and restoration of the systems took days. “Within 48 hours of the malware penetration,” the three main clinical systems were “moving to full restoration,” said MedStar. A Cerner spokeswoman told IBD: “We continue to work closely with our client (MedStar) as the broader IT framework is brought back online.”

But a week later, MedStar was still working on it: “Our partner Symantec (SYMC) … has been on the ground from the start of the situation and has been conducting a thorough forensic analysis,” MedStar said in an update last week, acknowledging it “has worked closely with the FBI throughout this situation.” The company again assured “that we have no evidence of any compromise of patient or associate data.” The Baltimore Sun reported the hospital’s hackers demanded ransom be paid in Bitcoin to unlock the hospital’s maliciously encrypted data.

What a pain. What a danger. What a motivation for every organization to get its cybersecurity in order, as if another example were needed. “We’re very familiar with it,” James Mobley, a Cisco security services vice president, told IBD in an interview last week, acknowledging MedStar is a Cisco client.

Cisco: Security-Led Firms More Prepared For Cloud, IoT

Cisco, the No. 1 maker of computer networking gear and with a growing business in security, plans early next month to release a security survey of business executives. The company says productivity, growth and competitive advantage ought to be motivating cybersecurity decisions, not just fear. Its report, originally set for release early Tuesday, is titled “Nearly One-Third of Businesses View Cybersecurity Primarily as a Growth Enabler.”

Silicon Valley-based Cisco, which briefed IBD and other media on the report, found that only a bit more than 30% of 1,014 corporate directors, vice presidents and C-level executives surveyed online “view cybersecurity primarily as an enabler of growth tied to digitization.”

“Security-led digitizers feel more prepared than others to address cybersecurity challenges in three key digital technology areas: analytics, Internet of Things and cloud computing,” Cisco said. “As a result, these organizations are far more confident about incorporating digital technologies into their business processes and offerings.

“In fact, 44% of executives surveyed consider cybersecurity to be a competitive advantage for their organizations.”

Cisco said cybersecurity will drive about $7.6 trillion of digital value over the next decade, with $5.8 trillion resulting from “cybersecurity’s enablement of digital use cases that instigate innovation and growth.”

Is this marketing pablum or a legitimate call to action? Cisco has been under pressure to grow as fast as some of the smaller networking and software security firms with which it competes or partners. In its fiscal 2015 ended July 25, Cisco’s overall revenue rose only 4% to $49.16 billion, but its security services sales alone grew 12% to $1.75 billion.

Medical IT leader Cerner grew 2015 revenue 30% to $4.42 billion, in part by selling P2Sentinel and P2Sentinel Security as a Service (P2SaaS) products as a “security, auditing and compliance solution for tracking end-user access to confidential patient data in Millennium, as well as other non-Cerner clinical solutions and infrastructure systems.”

Palo Alto Networks (PANW), which specializes in security software, grew sales 55% last year. Rival Check Point Software (CHKP) saw revenue rise 9%. Symantec, MedStar’s prime cybersecurity contractor, reported pro forma revenue fell 6.3% year over year for its fiscal Q3 ended Jan. 1, adjusting for the sale of its Veritas business.

Cisco’s survey data could serve as grist for its hungry marketing-sales machine, but it also provides a heads-up to companies that there’s more to cybersecurity than preventing hacker disruption. When a company is confident it can prevent disruption, this enables minds to focus on everything else.

“It’s critically important that we stop thinking about security as a defense-centric approach that is sold by fear, uncertainty and doubt,” Mike Dahn, head of data security for payments firm Square (SQ), said in Cisco’s survey results press release. “We need to start thinking about security as an enablement of innovation that actually helps the business go forward.”

Cisco stock touched a nearly one-year low of 22.46 in early February, but it has been on an upswing recently. Cisco closed Monday at 27.62, down a fraction.

In the meantime, cybersecurity continues to be top of mind. By executive order, the U.S. Commerce Department will host its first Commission on Enhancing National Cybersecurity meeting on Thursday in Washington, D.C.

Billions Of Apple iPhones May Be Vulnerable To Attack: Check Point

Billions of Apple (AAPL) iPhones and iPads could be exposed in an iOS 9 vulnerability, Check Point Software Technologies (CHKP) researchers were slated to announce Thursday morning at Singapore’s Black Hat Asia 2016 conference. Enterprise applications installed via Mobile Device Management (MDM) software are exempt from Apple’s latest security changes, which means that an attacker can hijack legitimate communications to install malicious apps, says the security firm.

It’s still theoretical, Avi Rembaum, Check Point vice president of security solutions, told IBD on Wednesday. Black Hat gives researchers an opportunity to discuss hypothetical threat vectors, including this new so-called “Sidestepper” vulnerability. “Unfortunately, a lot of those things we talk about that might happen often end up happening,” he said.

Few Barriers To Entry

Apple recognized a key piece of the Sidestepper vulnerability in iOS 8. For $299 a year, an enterprise can purchase an Apple certificate to upload a private app via the Apple Developer Enterprise Program. “But if someone is going to be malicious, they don’t really care about signing a (certificate) agreement, plus it’s $299 per year to get that certificate,” Rembaum said. “There weren’t many barriers to entry.”

Enterprises are headily embracing the “Bring Your Own Device” trend and, in one case study of a Fortune 100 company, Check Point found 318 private apps and 116 unique certificates on employees’ devices. Those numbers were suspiciously high, Rembaum said. “When we looked deeper … they were on the sketchier side and were from parts of the world that could be problematic,” he said. “We saw a very small number of them that would be considered white-listed (trustworthy).”

So in iOS 9, Apple upped the challenges to installation, says Check Point. But the new challenges don’t cover MDM-pushed updates to employees’ devices. Of the 1.2 billion installed iPhones and iPads, 79% have iOS installed and are therefore vulnerable.

Intercepting Legit Connections

Enterprises often rely on MDM services like those by BlackBerry (BBRY) (via its Good Technology acquisition), VMWare (VMW) and MobileIron (MOBL) to push updates onto employees’ devices, thereby avoiding the “headache” of ensuring that every app has identical settings, Rembaum said. That MDM-device connection, however, is also a powerful portal for Man-in-the-Middle (MitM) attacks, he said.

A hacker can, theoretically, intercept the communications between MDM and device to install a certificate and then a malicious app. Often, the interception relies on social engineering, he said. “An attacker would send a text message to the target with a link to download the configuration file,” he said. “It would install a certificate and configuration instructions in the phone. The only thing the user has to do is say yes to installing.” Then the attacker is in — with access to a user’s address book, microphone, photos, GPS, apps and, possibly, company data.

Education Alone Isn’t Enough

Rembaum recommends that MDM users take a “multilayer approach” to mobile security. Because hackers often rely on social engineering to launch phishing attacks — by email, text message or social media — enterprises should train employees on red flags.

Phishing attacks cost businesses more than $215 million between October 2013 and December 2014, according to a January report by the FBI. This month, Seagate Technology (STX) discovered that it had been duped into handing out nearly 10,000 W-2 forms belonging to former and current employees. The Seagate revelation came on the heels of a similar attack on privately held Snapchat. Scammers often change a single letter in an email address or impersonate a CEO’s email address, Barracuda Networks’ (CUDA) Slawek Ligier and Proofpoint’s (PFPT) Ryan Kalember told IBD.

Outside education, an enterprise can install Check Point’s Mobile Threat Prevention (MTP) software and have its employees install the ZoneAlarm app, Rembaum said. FireEye (FEYE), Symantec (SYMC), Intel’s (INTC) McAfee, Palo Alto Networks (PANW) and Proofpoint also compete in the mobile security space.

A MitM attacker creates an encrypted tunnel — typically through a virtual private network (VPN) — to its own site, directing a user away from the legitimate MDM. Check Point’s MTP solution hunts down that encrypted tunnel. “The user would have received the text, clicked on the link and installed the certificate,” Rembaum said. “Then (Check Point’s software) would reach out and block the connection.” He added: “The actual installation of the malware wouldn’t have succeeded.”