Anti-virus Evolving, But Here To Stay

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  

A New York Times article highlighted the fact that anti-virus is falling farther behind when it comes to detecting and eradicating APTs and other advanced threats. No surprises there. But that said, anti-virus will continue to be a crucial component of an overarching security strategy, and thus, is likely here to stay for the foreseeable future.

Perhaps more than any other security solution, anti-virus has been considered one of the true security basics that organizations can't do without. However, in recent years, anti-virus' role as a security cornerstone has been challenged by an eruption of increasingly advanced threats renowned for their ability to deftly evade detection mechanisms.

But will a rapidly evolving threat landscape be enough to boot anti-virus solutions into extinction? Probably not. And while its function in an organization's security posture may be changing, it's likely that the channel will continue to offer some kind of anti-virus tucked into their security portfolios for the foreseeable future.

Related articles

Over the extended holiday weekend, The New York Times featured an article revealing that anti-virus products are falling farther and farther behind in adequately detecting and blocking myriads of new, sophisticated threats. True enough.

The article was based around a study conducted by Redwood, City, Calif.-based security firm Imperva, Inc., which found that initial detection rates in basic anti-virus products manufactured by industry leaders such as Symantec Corp., McAfee, Inc., Microsoft Corp. and Kaspersky Lab ZAO hovered somewhere near 5 percent.

On top of that, it took anti-virus vendors almost a month to update detection mechanisms in their products in order to spot new threats, the Imperva study revealed.

And nowhere was that more apparent than with new and increasingly evasive advanced persistent threats that have recently emerged on the security horizon.

In particular, the Flame virus, a cyberespionage tool discovered by Kaspersky Lab researchers in May, became a tangible symbol that underscored the anti-virus industry’s failure to stay on top of the latest threats and keep users safe.

Upon closer inspection, researchers discovered that the APT known as Flame had been skulking around the threat landscape for around five years, siphoning off sensitive data from critical systems with features that included the ability to stealthily record audio and capture screenshots. And all the while it had also been evading detection by the vast majority of anti-virus products.

Meanwhile, consumers and businesses spent a combined $7.4 billion on antivirus software last year, representing nearly a half of the $17.7 billion of the total spend on security software in 2011, according to Gartner Inc.

Inevitably, the fallout from the anti-virus industry’s shortcomings in general – and the New York Times article in particular -- will rest on the shoulders of the channel. And among other things, solution providers will be called upon to talk their customers down off the ledge when it comes to their current and future anti-virus investments.

However, the net-net is that the forecast for anti-virus is not as bleak as it may seem. Here’s why: Anti-virus was never intended to be a cure-all or security threat panacea. In fact, since its inception, it was meant to be a critical piece of a more comprehensive security strategy. Will it ever be able to single-handedly catch high-profile threats such as Flame, Stuxnet and others? No, but it was never supposed to.

Like your basic food groups, anti-virus alone can't be the only source of nourishment for an organization's security strategy. That said, anti-virus serves as a critical foundation. Without it, organizations will have gaping holes in the fabric of their security posture that could leave them even more susceptible to looming malicious attacks. In short, they’d be in deep trouble.

Decades ago, when computer viruses were in their infancy and infinitely simpler, anti-virus was intended to be applied in tandem with network firewalls and intrusion prevention solutions.

As threats have become increasingly more sophisticatde and complex, industry experts have extolled the virtues of a layered approach to their security strategy. And those layers have become deeper and more numerous over time.

In 2003, SANS Institute researchers reinforced that at the bare minimum, organizations required e-mail security, gateway and network firewall, and Web filters, as well as numerous endpoint and desktop solutions. That also included relying upon multiple antivirus products to cover all of your bases.

Flash forward to 2011, and that layered approach includes robust patch management, application whitelisting, intrusion detection and data protection technologies such as encryption and even data loss prevention (DLP).

And looking ahead to 2013 and beyond, that layered concept will likely incorporate various forms of security intelligence,  threat analytics, and advanced detection solutions.

Anti-virus, however, is always a crucial ingredient baked into a larger security pie.

Meanwhile, anti-virus products are being updated to proactively detect threats, now incorporating a variety of behavioral and reputation based technologies, while leveraging the cloud and other new platforms as a delivery mechanism.

For solution providers, anti-virus by itself has long since become commoditized -- its time as as profitable standalone come and gone. However, almost every solution provider will continue to carry some form of anti-virus in their portfolio, used in tandem with their own unique blend of security solutions and services.

Ultimately the resulting combination will be the determining factor in their ability to nab APTs and other emerging threats. But anti-virus will continue to be the common denominator for quite some time to come.

  • Tweet  
  • LinkedIn  
  • Facebook  
  • Google plus  
  • Send to Kindle
  • Send to  
More on Best Practices
windows81-logo

Channel Must Intensify Windows Server 2003 Migration Campaigns

Reseller urges channel to get customers clued up before it is too late

nest-egg-money-incubator-accelerator

Report: Late Supplier Payment Becoming The Norm

More than half of global businesses admit to delaying supplier payments according to new study

iphone-5s-stack

Apple is Greenest Brand in Mobile Tech, Report Claims

A survey by environmental organization Greenpeace claims others are failing to match Apple's green credentials

hacker-computer

Home Depot Joins Not-So-Exclusive Data Breach Club

Home Depot has become the latest retailer to lose data to hackers. What can be done to prevent these breaches, and how can the channel assist?

Visitor comments
Add comments
blog comments powered by Disqus
In-depth
healthy-heart

Microsoft Getting Healthy, Thanks to Consumers

Is it time to take the software giant off the watch list of tech companies in distress, at least on the consumer side, asks Larry Walsh

John Murdock - Kaspersky Lab

Vendor Q&A Series: John Murdock, Kaspersky Lab

The latest executive to sit in the channelnomics hotseat is John Murdock, Vice President, Channel Sales, Kaspersky Lab North America

Broken heart

An amicable split?

Where will HP and Symantec's conclusion that the sum of their parts is greater than the whole leave partners?

elvis67878787

Suspicious minds in the post-Snowden world

Investment in new technologies being avoided with security experts wary of cloud and new technologies post-Snowden