Symantec CEO: We don’t employ hackers

Ethical hacking is just another name for quality assurance, the security company’s CEO says

Ethical hacking has a definite role to play in keeping businesses secure, according to the Symantec’s CEO Enrique Salem, but the company will not hire known hackers to carry out the service.

Responding to Computerworld questions at a media conference in Sydney, Salem said the issue of hackers playing both ethical ‘white hat’ roles as well as criminal ‘black hat’ roles to become effectively ‘grey hats’ was an issue in the security industry.

“You always worry about [grey hats]. Symantec has a standing policy that we don’t hire anyone to be a part of our company who has done any kind of known hacking,” he said. “We will not employ hackers.”

Despite the policy of not employing active hackers, the company still had strong internal resources to keep up with new threats developed by black hats, Salem said

“I was in a meeting and somebody said, ‘does that mean you’re not going to get the best thinking?’ And I say, no, we have a bunch of very smart people who will figure out better than anyone else, how to protect customers.”

This, Salem said, did not equate to admitting that Symantec trained up its own team of in-house hackers.

“We train people on the best techniques to detect vulnerabilities… that’s a very clear point of view on how our job is to protect customers and data, and what you want is that no-one can compromise your websites,” he said.

Salem added that he disputed the term ‘ethical hacking’, arguing that the phrase was just another name for the standard process of vulnerability checking.

“When you think about business – companies need to figure out where the yare vulnerable. [Ethical hacking] is one of the techniques they can use to figure that out,” he said. “The challenge with the phrase ‘ethical hacking’, is that it has the word ‘hacking’ in it. To me it is just a quality assurance process.”

Email Computerworld or follow @computerworldau on Twitter.

More about: Symantec
References show all

Comments

1

Anonymous

Fri 11/12/2009 - 16:48

Good thing they never did hire anyone from Cult of the Dead Cow or L0pht... oh wait, they BOUGHT some of them with @stake. They have publicly admitted to this hacking thing.

2

Space Rogue

Fri 11/12/2009 - 21:31

Hahaha "We don't hire hackers" what a crock. Hey Enrique, you should probably research the history of your own damn company before you speak.

http://www.symantec.com/press/2004/n041008.html

- Space Rogue

3

Anonymous

Sat 12/12/2009 - 02:40

I worked at symantec.

Hahah.

pwnt

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: symantec, ethical hacking
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/22/cdex/

CDex

CDex can extract the data directly (digital) from an Audio CD, which is generally called a CD Ripper or a CDDA utility.

HP and IDG news, product videos and resources

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia