No one is safe -- security quo vadis?
With McAfee looking for a new home, Symantec acquiring Blue Coat, NewGen Unicorns claiming they are the "next best thing" since the invention of the wheel, and years of criticism from analysts and users alike about the loss of efficacy, the Anti-Virus market is being hit from all directions. Into this upheaval, the acquisition of AVG Technologies by rival Avast Software was recently announced.
This mayhem within the AV market highlights two issues: the market is confusingly saturated with security vendors telling similar AV replacement stories, and the AV incumbents know that they need to change or lose. This is leading to an industry-wide trend of accumulating even more solutions to face off the criticism, the newcomers and the loss of market.
But is hoarding more solutions the remedy for the customer? With the industry chatter following Google Project Zero researcher Tavis Ormandy’s discovery of Symantec vulnerabilities, comes the reverberating story that "even the safe is not safe". This only highlights the importance of taking an approach that focuses on several complementing security technologies versus relying on one security vendor or platform. The creation of a new cybersecurity stack, if you will.
AVG Technologies’ CEO Gary Kovacs told Fortune following the acquisition news that "A couple of things have happened in the security world. The definition of security has expanded. It used to be that if you had AV (antivirus) and a firewall on the desktop you were good. You felt secure. You felt like you had incorporated the right amount of protection. Today, AV and firewall are just features of a much broader security landscape".
Mr. Kovacs is right, but what is the path forward, what is the right amount of protection? Add more of the same on an already bloated endpoint? Industry discussion should center around the “right stack” to provide adequate anti malware protection alongside operational efficiency. Augment traditional signature-based approaches with memory protection and exploit prevention that prevent the common ways that malware gets onto systems. And do it with a low number of agents, a lower level of compatibility issues, less CPU drain, fewer false alerts and lower remediation costs.
The “right amount of protection” may be the combination of new technologies like Moving Target Defense to handle advanced threats combined with existing "good hygiene" products like Anti-Virus. With all its flaws, AV is still the most effective prevention for run-of-the-mill malware. With such an inexpensive stack, companies could possibly do away with HIPS, personal FW, tedious repetitive patching prompted by new vulnerabilities and other techniques that do little to improve security efficacy, but a lot to increase the inefficacy of workstations and their users.
Let’s shuffle the cards. Let’s stop being predictable. Let’s focus on risk management as the strategic impetus, rather than on compliance, or on a single platform. Let’s identify lean, best-of-breed stacks that focus on effective prevention and catching the bulk of attacks for the lowest cost.
As Chief Business Officer, Omri Dotan oversees Morphisec’s business operations. A pragmatic visionary, Omri brings over 26 years of leadership in global hi-tech operations to Morphisec.