Security Market Segment LS
Tuesday, 31 July 2018 18:03

Symantec opens doors on biggest, most modern security operations centre


Cyber security vendor Symantec has opened the doors to its largest and most modern global security operations centre.

The SOC, located in Chennai, India, is a local support centre for regional customers, and also serves as a resource to Symantec’s operations and customers globally.

This SOC holds a special place in the world: Symantec says it operates the largest civil cyber intelligence network in the world, and of that network, it is the Chennai SOC which is Symantec’s largest and most modern. Consequently, it is the largest cyber security centre in the largest cyber security network.

The SOC is not new — it opened in 2011 as a front-line defence against online threats for customers across the world — but Tuesday’s launch explained it had undergone a significant and substantial transformation. This transformation includes building capacity and staffing, but the most significant transformation is with its mission.

To give background, Symantec’s SOCs exist in six regions, including Kent Street, Sydney, offering real-time, comprehensive protection from known and emerging threats, enabling business and governments to minimise risk and strengthen their security posture. The SOCs manage the regular day-to-day contact with customers in their region.

What makes the revamped Chennai SOC different is because it will serve as a back-up to all the other SOCs with out-of-hours support and global operations and intelligence generally.


John Lionato, vice-president and head of Global Operations, Cyber Security Services, Symantec, says other companies use a “follow-the-sun” support model, but at the Chennai SOC the “sun never sets.”

Symantec selected Chennai based on its timezone, its three undersea network connections providing high-speed low-latency global connectivity, and the enormous skill base available; Symantec finds about 10-15 viable candidates per 100 resumés received, compared to two or three per 100 in other countries.

Specifically, the Symantec SOC approach is distinguished in two ways, both relating to customers. “We like talking to our customers,” Lionato says.

Firstly, it focuses on retention and Net Promoter Score loyalty indicators as its metrics for success. While call duration statistics are measured, it is not for staff performance purposes.

Secondly, the people who staff the SOC — analysts, engineers, onboarding experts, and everyone else — do not sit in team silos. Instead, they are organised cross-functionally by geography and industry to build deep familiarity.

“To do that you have to become familiar with the customer,” Lionato says. “The challenges facing a customer here in healthcare are different to those of a customer over there in healthcare or a different industry.”

Lionato says the design reflects Symantec’s approach to its customers and is in stark contrast to the typical call-centre methodology where anonymous, ever-changing agents are measured by time to close a call, no matter if the customer is happy.

Instead, the approach at Chennai sees a real pride of ownership form within the team, who don’t simply see Symantec customers, but their own customers. In turn, this delivers deep value to customers, analysts knowing their customers and inspired to start innovation projects they either think of from their own experiences or which are customer suggested.

Within Chennai, the Symantec SOC is seen as an employer of choice, and staff display their five-year incremental tenure awards along the walls. These recipients are acknowledged as smart, go-to guys who can help new team members with insights to solving difficult problems.


“Security is a team sport,” adds Peter Sparkes, senior director, Cyber Security Services, Asia Pacific & Japan, Symantec. “The SOC is where we bring the team together and it’s game on every day.”

Despite the geographical diversity, “all our people are trained exactly the same way”, Sparkes says. “We supported the Commonwealth Games and brought two Chennai analysts over to work with our team. On day one they logged in and worked exactly as Australian analysts did.”

Underpinning the SOCs is the Symantec global intelligence network, which the company says is the largest collection of intelligence and threat telemetry on the planet.

Telemetry data is collected from the gamut of Symantec and Norton products including its “endpoint protection products, cloud services, BlueCoat proxies, Data Loss Prevention (DLP), Cloud Access Security Brokers (CASBs) … everything we do”, says Marc Andrews, senior vice-president, Worldwide Sales.

“We have nine trillion rows in our database,” says Sanjay Rohatgi, senior vice-president, Asia Pacific, Symantec. “We record 200,000 threat Intels per minute globally. Symantec operates the largest civil cyber intelligence network bar none.” The company expects it would have detected half a trillion pieces of malware within 2018.

According to a Symantec representative, Symantec's 500+ certified cyber security professionals analyse more than 150 billion security logs worldwide each day, and globally help secure 175 million endpoints, 80 million Web proxy users, 63 million email users and 50 million consumers.

Beyond threat detection, the SOC aids customers in their own risk management and investment directions. “We monitor constantly and can give metrics to make real decisions,” Sparkes said. “Security is no longer a black art and purchasing decisions can be made with data, not just relying on what a customer thinks is the right thing to do.”

The SOC was officially opened by Samir Kupuria, executive vice-president and general manager, Cyber Security Services, who said, “Our mission is to protect people at the end of the day – to protect people, to protect property whether IP or property that can be damaged by attacks, to protect the government, and to protect society at large.”

The launch was attended by:

Dr Gulshan Rai
National Cyber Security Co-ordinator, Government of India, PMO

Neeta Verma
Director-General, National Informatics Centre, Government of India

Swayan Chaudhuri
Managing Director and chief executive, Imagine Panaji Smart City Development

Alex Paul Menon
Chief executive, Chhattisgarh Infotech Promotion Society (CHiPS)


The writer attended the Symantec Security Operations Centre opening in Chennai as a guest of the company.

Read 4648 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.



The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


David M Williams

David has been computing since 1984 where he instantly gravitated to the family Commodore 64. He completed a Bachelor of Computer Science degree from 1990 to 1992, commencing full-time employment as a systems analyst at the end of that year. David subsequently worked as a UNIX Systems Manager, Asia-Pacific technical specialist for an international software company, Business Analyst, IT Manager, and other roles. David has been the Chief Information Officer for national public companies since 2007, delivering IT knowledge and business acumen, seeking to transform the industries within which he works. David is also involved in the user group community, the Australian Computer Society technical advisory boards, and education.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News