Despite well over a decade of sales success, antivirus technology has never been beloved in the security marketplace. Security professionals do not have immense faith in antivirus (AV) products to stop modern malware, and average users have never enjoyed the notifications, scans, and updates that go along with protecting a computer from roughly 6,000 new malware variants per day.
Clearly AV continues to survive and thrive well after many predicted it would fall by the wayside; however, it will be interesting to see how AV adapts to the next generation of security products built to address new endpoint security requirements. Companies like Bit9, Bromium, Cylance, Mandiant, Guidance, and others are using specialized security products and suites to protect information in new ways - it is now up to the traditional giants of AV to keep up. This can be done in a number of ways, from M&A, to funding their own R&D efforts, to partnering with one of the new companies in order to combine offerings, but if history has proven anything it is that AV vendors will find a way…
There are a number of reasons why AV remains a major factor in the security field. It can be especially useful in a non-enterprise environment, where (most) consumers have no means of security recourse beyond basic firewalls and whatever AV they use. Antivirus software is also a regulatory compliance pillar, and those governing bodies do not have a reputation for quick change or adaptation, so AV will continue to hang around in this capacity for the foreseeable future.
Most importantly, even if AV does become a legacy product that only keeps out basic malware, it is still valuable. If endpoint security is in the process of transitioning its game from college to the professional level, it would have the same mantra as all great pro athletes: “remember the basics.” All the next-gen security products designed to stop next-gen threats would be no good if there wasn’t something blocking the ten-year old Windows XP virus still making the rounds, as much a danger as it ever was to the many entities who stay on the back-end of the software-update curve.
Despite these market advantages however, there is no denying some of the impending problems facing the AV industry. According to ESG research:
- 62% of security professionals either agree or strongly agreed with the statement, “Host-based security software is effective for detecting/blocking older types of malware but is not effective for detecting zero-day and/or polymorphic malware commonly used for targeted attacks today.” Security professionals are losing faith in the ability of AV to keep up with current attack trends.
-52% of respondents agreed or strongly agreed with the statement, “Our continued use of traditional host-based security software (i.e. Antivirus) is driven by regulatory compliance for the most part." More than half of security professionals would consider not even using AV if it wasn’t mandated, which does not demonstrate a high level of need for the product in terms of functionality.
-44% agree or strongly agreed with the statement, “Host-based security software is a commodity product with little measureable difference between brands.” If security professionals don’t think AV is effective against modern threats and would not use it if it wasn’t a compliance need, and they think most of the brands are the same, then it follows that at some point they will simply begin advocating for the cheapest AV option out there. Including possibly freeware down the road.
If the traditional giants do not lead beyond AV alone, they risk commoditization. With freeware already comprising a sizeable market share, traditional AV giants should look to expand into non-traditional areas as soon as possible. Next-generation solutions seem to be the way that security professionals (read: folks who influence the purchasing decisions) are trending, and AV companies will fight for those dollars moving forward. Given this, they should be properly armed and prepared for the upcoming battle.