"In many ways the thing you probably want to be most concerned about is something that is new and no one else has seen but I don't think you've got the time and effort involved to do that," Day added.
"At the end of the day, when you get the world's smartest threat and somebody has spent a lot of time and effort on it, even if it is picked up by anybody, what are they [the malware creators] going to do? They will keep tweaking and tweaking it until they think it will get through."
We need to start taking a more balanced view of accepting that people make mistakes, targeted attackers will at some point get in.
He admitted targeted attackers will be able to pierce defences and cause havoc. To deal with this, Day called for a focus on what to do after a break-in.
"The underlying trend here is that we spent decades building up great defensive techniques and actually I think we need to start taking a more balanced view of accepting that people make mistakes, targeted attackers will at some point get in and I think we have to start thinking about how we make security more bi-directional," Day added.
"If the user does click on the wrong thing, how do I put the controls in place that mean I have at least the forensics or the auditing to know what left and preferentially I can stop it going out of the door to start with."
Symantec doubters would have leapt on those comments, claiming security companies should be improving how they defend companies from attacks, not how to protect the information following a compromise.
Whatever you think of Symantec's DLP-focused approach though, it's clear the company recognises a shift in the threat landscape. It's just taking its own path towards change.
Yet Zuk is convinced such big companies can't adapt to the shift occurring in the sector, where targeted threats present the most significant problem. "Big companies cannot change to new markets," he continued. "There is no way they will adapt."
Of course, Zuk can't possibly be sure about that. Symantec, and others like McAfee, Trend Micro and Kaspersky, all have the financial clout to invest in either R&D or in an acquisition. They can adapt, they just need the foresight and willingness to do so.
In reality, the old guard will remain in the upper echelons of the industry for some time, whether they change their protection technologies to block zero-days outright, or they move to post-attack strategies and the DLP market.
The new guard
What's really exciting is the innovation and sheer gall of the new generation of security companies. They have potentially disruptive new pieces of technology at their disposal which really could upset the big players.
Furthermore, these minnows don't look like they will cave to pressure from their more powerful rivals. Like any company which wants to get big, Palo Alto is one of those that scoffs at acquisition attempts.
With that kind of attitude, and the fact that in only four years it is already supplying major banks across the world, Palo Alto is a company that looks sure to succeed. Contemporaries like M86 and cloud-based security firm Zscaler look on the path to becoming bigger players as well.
And as for the IT guy, greater competition only means better products. In turn, that means a safer business. It's a win-win for them.
