Symantec Revamps Security OfferingsExperts Ponder Whether Anti-Virus Market is 'Dead'
Symantec is taking a new approach to advanced threat protection by revamping its security offerings in an effort to enable quicker detection and response to security incidents.
The company's announcement of a new strategy comes after Brian Dye, senior vice president of Symantec Information Security, told The Wall Street Journal that the market for anti-malware software, Symantec's long-time core product, "is dead."
Elizabeth Soares, a spokeswoman for Symantec, followed up on Dye's statement, saying: "The era of AV-only is over. Companies need comprehensive attack prevention that integrates the full range of security technologies." But anti-virus applications continue to be an important part of the company's portfolio, Soares says. "Combined with intelligence and other technologies we are pioneering, we can solve larger customer problems."
Symantec's new approach to security is a welcome sign given the rapidly evolving threat environment, says Shirley Inscoe, a fraud analyst at Aite Group. "It is a whole new world, and it is good to see a major firm admit they must make radical changes in philosophy, approach and product to provide the security needed," she says.
New Security Offerings
Within the next six months, Symantec will introduce a new incident response service as well as a new intelligence service, which will provide threat visibility and analytics. The company will offer advanced reports on threat actors, providing "visibility into the types of attacks that may target an organization," according to the announcement.
Symantec also is developing a new product, the Advanced Threat Protection Solution, which is scheduled to be in beta testing within six months and generally available within the next 12 months. This end-to-end solution will deliver integrated advanced threat protection - across the endpoint, e-mail and gateway - to provide customers with detection and response capabilities at each control point, the company says.
"To successfully defend against the types of targeted attacks we're seeing today, you need to expand the focus from prevention to detection and response," Dye says in the announcement. "Network security alone isn't going to solve the problem. Adversaries are targeting all control points, from the gateway to e-mail to the endpoint. Organizations need security across these control points working together, with incident response capabilities and global information intelligence, to beat the bad guys."
Is Anti-Virus Software Dead?
The comment from Symantec's Dye on the market for anti-virus apps being "dead" was met with differing views from security experts.
"For the sake of argument, if anti-virus catches one-third of all incoming viruses, it means you have to spend 30 percent less time cleaning up infected systems," says Anton Chuvakin, a research vice president at the consultancy Gartner.
"To me, it is still pretty useful," he adds. "At what level of effectiveness would you state that a technology is dead? Frankly, nothing in security is ever dead."
But Inscoe of Aite Group sees anti-virus software as being "fairly useless" given today's threatscape. "The types of threats in today's environment evolve so rapidly, anti-virus software is outdated by the time it is installed," she says. "So, as a stand-alone protection, it is dead."
Inscoe also argues the change in attitude towards anti-virus applications is a result of cybercriminals becoming increasingly sophisticated in finding new ways to gain access to sensitive information. "They find a vulnerability nobody even thought about from a security perspective," she says. "End-point to end-point security really is a basic requirement going forward."
Effective security requires a blend of many solutions, Chuvakin says, including those that are host- and network-based, signature- and anomaly-based, and prevention and detection and response-based. "No one tool type will rule the threat mitigation landscape."