As more than two million new malware signatures are identified each month, and more organizations are falling prey to zero-day attacks, traditional anti-virus (AV) simply can't keep up in the malware arms race.
If your organization is anything like the companies we've been speaking with, then you know firsthand the headache and ongoing challenge that the rising cost of malware has created.
In fact, 48 percent of organizations recently reported an increase in their IT operating expenses, according to the 2010 Ponemon Institute study commissioned by Lumension. Fifty percent of them said the main driver was an increase in malware.
So, what constitutes this ever-growing price tag?
- The cost of deploying, managing and updating AV software.
- The performance impact on computer servers and networks running AV, which has to monitor a growing amount of network traffic and malware signatures.
- There also is the cost for help desk calls and time spent cleaning up and reimaging employee laptops and other infected endpoints.
- Then there is the cost of lost data – from individual files to entire disk drives to entire databases. And today's increasingly sophisticated attacks are targeting sensitive and proprietary data, such as personal information and intellectual property.
- Finally is the cost of network downtime and the resulting loss in productivity. IT loses productivity when addressing problems caused by malware, rather than focusing on more strategic activities.
It makes you wonder: While malware continues to grow at an exponential rate, and hackers continue to become uniquely sophisticated in their attacks, how can anyone stay safe and ahead of the security game?
While AV is a still a relevant technology within endpoint security and one that should be used consistently to help manage fast-spreading and widely known malware, relying on AV as your primary defense against malware is wholly ineffective.
Clearly AV is necessary but not sufficient as a standalone defense. There are simply too many attacks, vulnerabilities and connections for AV to remain the efficient safeguard it once was.
With traditional AV software, you're defenseless against zero-day malware – that is, malware that takes advantage of a recently discovered vulnerability where no patch yet exists and is so new that no AV vendor has a signature defined or deployed.
The days of simply installing AV and trusting that you're protected are long gone. There are too many vulnerabilities in your organization's applications, too many applications being downloaded onto your desktops and laptops, and too many new instances of viruses, worms and trojans.
Not to mention, too much associated cost in lost time, resources and productivity due to malware.
A recent report on endpoint security by Aberdeen Group compared “best-in-class” and “laggard” organizations. It found that both best-in-class and laggards had deployed baseline security technologies such as AV, but the best-in-class organizations were far more likely to be early adopters of more advanced security technologies.