The general notion in the cybersecurity industry is that antivirus is an antiquated product, which does not provide enough security against today’s advanced threats. Symantec CEO even went further and declared the demise of the Anti-Virus (read the article Here).
But recent events seem to indicate otherwise.
Just a few weeks ago the antivirus maker, Avast Software, announced plans to acquire competitor AVG Technologies for $1.3 billion in cash. Surely Avast would not spend such a fortune on a dying technology…
The combined company would create the world’s biggest antivirus software firm by number of active users, exceeding even Microsoft’s market share of antivirus technology on consumer devices. The most recent data from software-maker OPSWAT indicates that Avast’s 15% market share plus AVG’s 5% would edge out Microsoft’s 15.9% (a figure that excludes Windows Defender, which is included in Microsoft Windows).
So with this in mind, we ask several questions:
- is this product days over?
- Will it continue to be relevant only to the mass market?
- what are the alternatives?
- would it continue to live in a freemium model?
- Would it continue to live only as an OEM/ consolidate product?
Dead or simply outdated?
It goes without saying that antivirus does no longer enjoy the same status it once had.
Most people realize that deploying the best antivirus will not secure them completely and even the term “Virus” feels outdated and replace by the more accurate “malware”.
But despite this, it’s hard to find organizations who gave up on antivirus altogether. As part of the “layered security approach”, it’s still considered worth having. Interviewing several cybersecurity professionals, they all agree that signature based detection became less efficient with time, due to the rapid increase in new malware evolution.
The attackers can move and mutate quickly, so the attempt to track, analyze and release signature updates fast enough is concept destined to failure. However, antivirus still provide protection against large mass of low level threats, hence worth having.
Mass market Appeal
Antivirus is currently the ONLY cyber product adopted by the masses and sold as a commodity. The adoption of the fermium model increases its’ appeal and distribution even further. No other product even comes close in terms of adoption- firewalls are reserved for large organizations and even DDoS mitigation services have only managed to scratch the surface in terms of mass market and SMB adoption. As an analogy- it’s “the only cybersecurity technology your mom knows about” and would consider consuming, and as such isn’t likely to disappear so quickly.
The Freemium model
Although some free/ freemium Antivirus are considered to be of good quality, the general notion in the industry is these are not “serious” enough for the enterprise. For consumers this is a great model as long as they realize that the free piece of software is not an almighty shield deflecting all attacks but a basic product securing against basic threats. Lately with the rise of Ransoware and mobile malware we’re seeing security companies promoting their paid products more aggressively, perhaps trying to capitalize on the general hysteria of the public.
What are the alternatives?
For home end users there aren’t that many alternatives.
Enterprise now supplement Antivirus with other solutions (such as gateway, sandboxes and endpoint solutions)
Some solution seem to be acting as an alternative solution to AV on the endpoint, but it is still not clear what is the “best practice” for deploying these and if Antivirus can be abandoned altogether. A Few new detection tools that are either basing on quicker study rates, such at Cylance, or end-point solution that are not relaying specifically on signature, such as BufferZone, Invince etc., could provide a solid alternative.
The new technologies which are now coming to the market; e.g. machine learning, encapsulation and low level registry protection are toAs for gateway solutions – CDR technology is quickly gaining traction and alongside the more traditional Sandbox can be considered an alternative to AV.
So- is there a future for Antivirus ?
The authors of this article believe that we’ve not seen the end of this product, which has been around longer and sold more than any other cybersecurity product. One possibility is that Antivirus will be “swallowed” by other technologies and will continue to reside as part of more wholesome solutions, as an OEM or consolidated product suite. But until that happens, it will continue to be the only cybersecurity product everyone knows and uses.