Every time you turn around there is a new security problem that needs solving, a new threat that needs managing, and a new regulation that needs complying with. Navigating the minefield of marketing “noise” continues to challenge even the most seasoned BS detectors.
Stiennon blogs about trojans representing 60% of all malware. Symantec disclosed in their threat report that phishing is up about 80% over previous years, that worms made up 38 of the top 50 malicious codes, and that polymorphic viruses are likely to grow because they are hard to detect (isn’t this why the AV folks added heuristics back in the mid-90’s?). Gartner released their Cyberthreats HC noting that the 5 highest impact threats are targeted threats, identity theft, spyware, social engineering and viruses; it also mentions that rootkits are going to highly impact IT organizations in the next 3-5 years. I could go on here but I think you get the point.
The Internet is a scary place and getting scarier – motivation for cybercrime has definitely shifted from hobby-based malware and cybervandalism to financially motivated and often targeted attacks that have the potential to be highly damaging (the US DOJ maintains a list of indictments and prosecutions which can be a good source of information to validate that these threats are real). But we can’t keep deploying a new technology for each new threat; we can’t keep reacting to security problems with a new appliance or a new piece of software. At the end of the day, whether we are talking about viruses, worms, trojans, rootkits, spyware, malware, etc., isn’t it all the same thing – bad stuff getting onto our computers and our networks? I used to write AV software so I am intimately familiar with why technology companies classify these differently, but come on, as consumers of technology are we expected to pay for these as modules? Didn’t we learn anything in the last 5 years?
Bottom line: You should not have to pay more for increased functionality year over year – demand more from your vendors. Tell them that you don’t need an anti-virus, anti-spyware, anti-rootkit, anti-phishing, anti-x, with a personal firewall, host-based intrusion detection, and wireless security and networking configuration capabilities each sold to you at a premium – get them all for a single price, the price you paid last year for AV. Let them know that turning it up to 11 is not going to win the gig when what you are really looking for is more cowbell.