{"id":417,"date":"2015-07-31T03:49:09","date_gmt":"2015-07-31T10:49:09","guid":{"rendered":"https:\/\/www.ssls.com\/blog\/?p=417"},"modified":"2023-09-27T14:03:07","modified_gmt":"2023-09-27T21:03:07","slug":"website-security-findings-symantec","status":"publish","type":"post","link":"https:\/\/www.ssls.com\/blog\/website-security-findings-symantec\/","title":{"rendered":"Website Security Findings from&nbsp;Symantec"},"content":{"rendered":"<pre>Namecheap.com enjoyed a rare opportunity to chat with Symantec VP Rob Hoblit and hear his thoughts on the new report's outcomes.<\/pre>\n<p>Below we provide the interview originally appeared on the <a href=\"https:\/\/blog.namecheap.com\/website-security-advice-from-symantec\/\" target=\"_blank\" rel=\"noopener noreferrer\">Namecheap blog<\/a>.<br \/>\n<a href=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/07\/website-security-post.jpg\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-421\" src=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/07\/website-security-post.jpg\" alt=\"website security symantec\" width=\"728\" height=\"400\" srcset=\"https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/07\/website-security-post.jpg 728w, https:\/\/www.ssls.com\/blog\/wp-content\/uploads\/2015\/07\/website-security-post-300x164.jpg 300w\" sizes=\"auto, (max-width: 728px) 100vw, 728px\" \/><\/a><br \/>\n<!--more-->Symantec has recently published its 2015 Website Security Threat Report. This comprehensive annual report compiles Internet threat data based on the findings of the Symantec\u2122 Global Intelligence Network, which is made up of more than 41.5 million attack sensors and records thousands of events per second. Rob Hoblit, Symantec\u2019s Vice President of Trust Services Product Management, shared his thoughts on the report outcomes.<\/p>\n<h2>What does this year\u2019s report tell us?<\/h2>\n<p>The Website Security Threat Report 2015 reminds us, once again, that cybercriminals are relentless, and they will continue to find more and more sophisticated ways to attack and exploit any security weaknesses. Fortunately, <a href=\"https:\/\/www.ssls.com\/blog\/cyber-security-2015\/\">security<\/a> technology also continues to advance, and Symantec has unrivaled insight into emerging threats that helps keep Namecheap customers a step ahead.<\/p>\n<h2>What\u2019s the biggest security challenge facing businesses today?<\/h2>\n<p>The challenge today is to <a href=\"https:\/\/www.ssls.com\/blog\/why-access-control-plays-a-vital-role-in-information-security\/\">protect<\/a> the Internet for everyone, from the online novice to the seasoned web surfer. This is becoming easier thanks to important milestones in website security technology. For example, EV SSL turns the browser bar green, indicating a safe site. So your users will know their browsing activity is secure, regardless of how much they know about web security. EV verification guidelines are drawn up by the CA\/Browser Forum and require the CA to run a much more rigorous identity check on the organization or individual applying for the certificate, so <a href=\"https:\/\/www.ssls.com\/ssl-certificates\/comodo-ev-ssl\">EV SSL<\/a> provides the highest visible display of online trust for Namecheap customers.<\/p>\n<h2>What concerns you most about the current landscape?<\/h2>\n<p>We\u2019re keeping an eye on organized cybercrime. A drive-by download web toolkit, complete with updates and round-the-clock technical support can now be rented from just $100 per week. DDoS attacks can be ordered against a site for between $10 and $1000 per day. Credit card details can be purchased for between $0.50 and $20 per card. And 1,000 followers on a social network can be bought for as little as $2. With a whole host of off-the-shelf products and services available, and even a choice of service providers, cybercriminal operations are increasingly capable of disguising themselves as legitimate industries. Faced with this growing level of infrastructure and organization, we strongly recommend that Namecheap\u2019s business customers utilize the right website security technology, implement it properly, and maintain it correctly.<\/p>\n<h2>What\u2019s the biggest single weakness in security today?<\/h2>\n<p>Unfortunately, the human element is the weakest link in the equation. It presents itself in two ways: Take the infamous Heartbleed bug of April 2014 that affected free-to-use OpenSSL software, along with 17% of SSL web servers. This isn\u2019t a story about criminal genius; it\u2019s about a failing in human-built OpenSSL software. The second example is the targeted attacks against organizations via spear-phishing email campaigns, which rose 8% in 2014. This shows that as security measures get harder to crack, criminals go after the soft target instead: The staff.<\/p>\n<h2>What\u2019s the next big leap in security technology?<\/h2>\n<p>We\u2019re taking SSL security to the next level, which is great news for Namecheap users. 2014 saw <a href=\"https:\/\/www.ssls.com\/blog\/cyber-security-2015\/\">SSL certificate<\/a> algorithms become stronger than ever. At Symantec, we moved from SHA-1 to SHA-2 as a default. We also now offer an option of the ECC algorithm. ECC-256-bit keys are a much stronger alternative to the industry-standard RSA algorithm and are 10,000 times harder to crack. What\u2019s more, ECC also requires far less processing power on a website than RSA, and it can handle more users and more connections simultaneously. ECC is the next chapter in the exciting story of SSL.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Namecheap.com enjoyed a rare opportunity to chat with Symantec VP Rob Hoblit and hear his thoughts on the new report&#8217;s outcomes. Below we provide the interview originally appeared on the Namecheap blog.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[24],"class_list":["post-417","post","type-post","status-publish","format-standard","hentry","category-news","tag-security"],"_links":{"self":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/417","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/comments?post=417"}],"version-history":[{"count":20,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/417\/revisions"}],"predecessor-version":[{"id":2679,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/posts\/417\/revisions\/2679"}],"wp:attachment":[{"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/media?parent=417"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/categories?post=417"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ssls.com\/blog\/wp-json\/wp\/v2\/tags?post=417"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}