Last month, Symantec’s senior VP for information security described antivirus as “dead”, estimating that antivirus now catches just 45% of cyber attacks.
Does this mean we should all stop using it completely? For years, the pillars of cyber security were regarded as antivirus, monitoring/session recording, intrusion prevention software and password protection. However, as attack vectors have become more complex, it has become clear that these first-generation strategies just do not offer sufficient protection.
Antivirus still plays its part within a wider security strategy, scanning and blocking known viruses. But as attack vectors become more advanced, traditional security solutions like this are no longer enough to defend against new threats on their own. Modern security solutions must build on this, with proactive technologies that deal with the unknown, as well as the known.
Ponemon's 'Cyber Strategies for Endpoint Defense 2014' report showed that while 96% of companies invest in up-to-date antivirus solutions, only 34% rate it as effective for preventing cyber intrusion.
So what is the alternative?
Next-generation attacks need a next-generation response – combining proactive and reactive security strategies to layer multiple mitigation controls. This defense-in-depth approach ensures that if an attacker gets past one security barrier, such as the perimeter firewall, there are preventative measures on the inside to contain the breach.
This creates the most holistic security solution when applied properly – but with so many security technologies on the market, it can be difficult to know where to start.
The best strategies are those that prioritize the controls with the biggest impact. Technologies such as privilege management and application allow listing, along with regular patching and adopting standard configurations, are named by the Council on Cyber Security and others as the most effective ‘quick wins’ based on real-life attacks.
Want to know more? See how our endpoint security suite, Defendpoint, complements existing patching and antimalware strategies to help you take a proactive approach to defense in depth and empower users to be free, without compromising security.