SVP Product Management McAfee Labs
Everyone’s looking to shave their IT budgets, manage fewer vendors and streamline. The plethora of low cost and sometimes free AV products is an enticing option to lower the cost to secure any business. Some free antivirus programs do an acceptable job of detecting, blocking and removing certain kinds of malware, but don’t provide protection from ALL the rapidly growing threats that attack multiple system vulnerabilities.
While traditional antivirus technology continues to hold value for consumers and enterprises, it is only one layer in what needs to be a multi-layered defense. As such, McAfee pioneered behavioral and other “day-zero” protection technologies to protect against rapidly morphing threats that can evade traditional blacklisting.
Host Based Intrusion Prevention Systems (HIPS) and Application Control are just two examples of security technologies that McAfee has delivered to protect millions of endpoints. For example, McAfee Application Control protects against 100% of the threats in Imperva’s tests. McAfee has optimized the ability to respond to evolving threats and our Global Threat Intelligence (GTI) is an example. It provides the most comprehensive view of the evolving threat landscape, correlated with threat intelligence from and across all threat vectors – file, web, message, and network –driving the transition from blacklisting to grey and white listing. While blacklisting is still a vital ingredient for protecting devices, there is only a small percent of the threats out there that are new and still plenty of old threats that infect devices. Because of this, blacklisting will never go away. However, what is changing is that the blacklist is living in the cloud instead of on each device.
Some great new primary research, from Aberdeen’s Derek Brink shows that AV-only group actually spends 1.5-times more, and effectively accepts 68% of its security-related risk.
Not investing in additional endpoint security solutions is actually a false economy – in reality, they are ignoring (and therefore effectively accepting) 68% of the risk and the associated costs. Endpoint security initiatives should adopt a more comprehensive approach to protecting the organization’s platforms, networks, applications and data. (Source: Aberdeen Group, March 2012.)
Beyond historic blacklisting, McAfee recommends that users also deploy host or network web protection, HIPS, AND good application control functionality to defeat the current generation of cybercriminals. That is why McAfee is relentless in solving the challenges of increasing threats and we do that by working to fulfill the value proposition of our Security Connected strategy– an integrated platform for security which identifies common host-network customer use cases and implements them to reduce the total cost of ownership for a complete security solution.