Some may be declaring that antivirus is dead, but WatchGuard disagrees.
In May, Symantec information security senior vice president, Brian Dye, told PC World that relying on traditional antivirus is a dead end, as it typically only detects 45 per cent of all attacks.
Beyond Dye’s statement, WatchGuard Technologies A/NZ regional director, Pat Devlin, said the topic has become news due to a new generation of products, namely Advanced Malware Blockers, that analyse software behaviour instead of a file's signatures.
“These products look at a file and analyse ‘what it does’ rather than ‘what it looks like,’” he said.
Devlin clarifies that there is no sudden influx of new malware that can only be caught in this manner; this kind of malware, also known as a morphing Zero Day threat, has in fact been around for many years.
“The reason this is a popular topic for discussion is that the industry has a product to sell which deals with this problem,” he said.
The threat remains
While certain industry pundits and experts are not enthusiastic about traditional antivirus, Devlin said it is still a very efficient way of acting on a known group of threats.
“The intelligence gathering process is actually the same for both advanced malware and old school viruses, but the protection from traditional antivirus is far more resource efficient and cost effective, even if both systems are in place,” he said.
Devlin adds that the issue is split between knowing there is a gap and then closing it, as well as remembering that networks are not the only way malware spreads.
“People still use removable media of all types, and some of the industry's most famous infections were able to target systems that were on isolated networks by leaping onto removable media,” he said.
Advanced Malware Blockers struggle with this delivery mechanism, as they typically operate in the network path.
Connected beyond imagination
Instead of thinking in terms of antivirus, Devlin said today’s security landscape revolves around connectivity.
While the datacentre has moved into the Cloud, a number of new end points are also being turned on and connecting to it.
“All this connectivity has given us massive productivity and collaboration gains but there is a price to be paid, and that price is risk,” Devlin said.
“The more accessible our applications and data are to us, the more they are to someone else.”
In an environment such as this, Devlin expects the opportunity for partners and resellers to be "bigger than ever before," whether it is protecting end point devices, watching data in motion or staying vigilant inside the datacentre itself.
“This new age of connectivity has created new demand for security services, and it's a demand that is only likely to increase over time,” he said.
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications.