Are Antivirus Solutions Becoming Obsolete?

Sue Marquette Poremba
Slide Show

Eight Trends That Are Changing Network Security

Yesterday, I talked about how the vast majority of APT cyber attacks appear to be caused by spear-phishing email. It would seem to follow that the primary advice to protect one’s computer and network, after reinforcing education on telling the difference between spear phishing and legitimate emails, would be to make sure your security software, especially your antivirus (AV) software, is up to date. That still stands, but recent findings from Imperva put a question mark on whether or not AV is the right security solution in today’s cyber landscape.

The Imperva report, “Assessing the Effectiveness of Anti-Virus Solutions,” analyzed more than 80 unreported viruses against more than 40 antivirus solutions and found that zero antivirus solutions were able to detect previously unreported viruses and that 75 percent of solutions took up to a month or longer to update signatures. Although the report hasn’t gone live as of this writing, I think it is important to point out this finding:

Enterprises waste far too much on antivirus.  In 2011, Gartner reported that consumers spent $4.52 billion on antivirus while enterprises spent $2.9 billion, a total of $7.4 billion or nearly a third of the total of $25.4 billion spent on software security.  This massive expenditure no longer enjoys a return on investment and both consumers and enterprises should look into freeware.

In fact, although Imperva did not find a single antivirus product that provided optimal protection, the best solutions available included two freeware antivirus products.

In a release, Amichai Shulman, CTO at Imperva, stated:

Enterprise security has drawn an imaginary line with its anti-virus solutions, but the reality is that every single newly created virus subverts these solutions without challenge. We cannot continue to invest billions of dollars into anti-virus solutions that provide the illusion of security, especially when freeware solutions outperform paid subscriptions.


This isn’t the first time someone in the security industry has questioned whether or not AV solutions have reached the end of their lifecycle. This past summer, Mikko Hypponen, chief research officer of F-Secure, wrote a piece published in Ars Technica with the same question about the effectiveness of AV:

The truth is, consumer-grade antivirus products can’t protect against targeted malware created by well-resourced nation-states with bulging budgets. They can protect you against run-of-the-mill malware: banking trojans, keystroke loggers, and e-mail worms. But targeted attacks like these go to great lengths to avoid antivirus products on purpose. And the zero-day exploits used in these attacks are unknown to antivirus companies by definition. As far as we can tell, before releasing their malicious codes to attack victims, the attackers tested them against all of the relevant antivirus products on the market to make sure that the malware wouldn’t be detected.

Does this mean that we should ditch AV? Of course not, but we should question how the security solution budget is spent and what other points we can protect on our networks.



Add Comment      Leave a comment on this blog post

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.


 
Resource centers

Business Intelligence

Business performance information for strategic and operational decision-making

SOA

SOA uses interoperable services grouped around business processes to ease data integration

Data Warehousing

Data warehousing helps companies make sense of their operational data


Thanks for your registration, follow us on our social networks to keep up-to-date