With the advancements in technology the threat landscape is evolving too.
Malicious software is becoming harder to detect and remove – it is also starting to affect a wider range of devices because of the ‘Internet of Things’. There has been some cases that advance malicious software can even bypass the anti-virus software by changing its code!
In some ways there is truth behind what Brian Dye, senior vice president of Symantec famously said a few months ago ‘Antivirus is dead’ and it is ‘doomed to failure’ because Anti-Virus relies on a signature database to block out malicious behaviours so, if a particular piece of malicious code has never been seen before – you will probably be a victim to it.
However AV is not completely doomed as Eugene Kaspersky quite rightly said, it is still ‘very much alive and kicking’ because as threats evolved so has the traditional AV. It is about choosing a product that has a database that is continuously updated and have a good feature set.
Many vendors are now reinventing AV and changing it to ‘Endpoint Security’ which offers a wider range of features from your standard things like Anti-Virus, Anti-Spyware and Anti-Malware but, include features like application control, mobile device security, encryption and rule-based system behaviour blocking.
However security has become more complex and just because AV or ‘Endpoint Security’ has more features, we cannot just relying on it to be the sole system defences, it is not viable anymore. It will not provide an adequate level of protection for a modern day complex network.
Networks have developed into complex environments with multiple layers and a range of devices connected so, a layered approach to network security is key because it helps protect the different level within the infrastructure.
AV should just be seen as the first line of defence only, its aim is to protect users from things like spam emails, malicious attachments and websites. Occasionally some will get through but this approach is more secure and safer. Always keep in mind there is no 100% defence against the malicious cyber-attacks because the variables are always changing. Continuously network monitoring is also key to catching any abnormal behaviour.
For more information on network security please feel free to contact us on 0845 603 5552 or firstname.lastname@example.org