Antivirus vendors hampering progress?

SearchSecurity.com expert Robert Vibert analyzes the antivirus software industry.



Each week, various magazines on computers, information security and business that I subscribe to arrive, and I take a look at how the marketing departments of antivirus vendors are trying to entice people to buy their products with print advertising. The results are disappointing, to say the least.

I've seen so many images that have so little -- if anything -- to do with fighting the malware threat that I wonder what is going on. I don't think that any antivirus company is much worse or better than the others in this regard. So many have indulged in images -- as diverse as zebras, a cat on top of a person's head, tough-looking people dressed in yellow suits in various unlikely places and a marsupial -- that it sends the wrong...

signals to the marketplace.

So what do all these images have to do with mounting effective defenses against malware? Your guess is as good as mine. They don't seem to be communicating any significant information, but merely trying to get your attention. I used to sell antivirus software for a living, and during that time, I paid a lot of attention to what the brands I was promoting were using in their marketing. I also paid attention to the competition. After a while, it seemed that there was a real disconnect between what customers needed to know and what was being said in these advertisements.

This disconnect has continued to this day. Advertisements for antivirus products typically promise protection from all threats, which is a shame since these products are really just adequate protection from one or two types of threats.

If you was to sit down and document all the malware threats that exist just from the Internet, the list would be much longer than the list of those threats for which your system will be protected by the product that comes with an umbrella or the guys in yellow suits, for example. I'm not singling these products out, as all antivirus products fall short in one way or another.

So, besides the fact that antivirus companies use eye candy to distract you from the realities of the protection you are getting (like the ad with the woman dressed provocatively and suggesting she could compromise your security...), what is the relevance of all this to the user of antivirus software?

One of the biggest problems facing computer users these days (and that means you) is that the threat level is steadily increasing and the response from vendors is still stuck in several old paradigms. Software vendors are now fighting each other for market share -- the growth in the actual overall marketplace is minimal, apart from organizations increasing their coverage by adding e-mail protection to the existing desktop and firewall protection, for example.

But the days of rapid growth due to only a reduced percentage of the corporate user base having adequate antivirus software widely installed are over. Most organizations these days have at least the minimum level of protection installed, and the level of protection is rising. So, antivirus companies need to steal market share from competitors, which distracts them from working on the real problems. They spend valuable resources making prettier interfaces and marketing themselves to people who already know about the threat, hoping that they can snare away a few customers.

It would be far better for all antivirus companies to devote their resources to developing better tools for managing antivirus solutions, better appliances (don't even dream of trying to use the existing ones in a large organization and broadening the scope of protection offered.) Instead, they milk the existing technology and hope that customers will not rise up in arms each time that a major virus or worm makes it past the supposedly invincible defenses.

Confidence in the antivirus products in use is never overly high in large organizations. For many, they count on a whole array of techniques, including attachment blocking at the gateway or firewall, blacklisting of known bad domains, etc. These approaches are an indictment of the inadequacy of the protection offered by antivirus products.

Senior managers also need to understand that if the number of serious virus incidents inside their walls has dropped over the past few years, it is due to the efforts of the people in the front line, not just the products purchased. This problem of management short-sightedness has sometimes resulted in reductions of staff and resources dedicated to fighting the malware threat. The fallout will be even more costly than the amounts "saved" by cutbacks. Perhaps the CEO should also be booked into the cheapest hotel in town when he travels, no matter what the security implications of "that" part of town.

Change is always a threat to the status quo, but without change nothing goes forward. It is time for antivirus developers to stop fighting with each other (yes, buy out the competition if you have to) and focus on the really important issues.

About the author
Robert Vibert has been assisting organizations in the fight against viruses and other malware for so long he no longer remembers what is was like before these critters were to be found. It is a base-less rumor that he crushes lumps of coal into diamonds using his bare hands -- someone else already uses that line.


This was first published in December 2002

Dig deeper on Network intrusion detection and prevention and malware removal

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close