McAfee’s Asia Pacific Chief Technology Officer, Sean Duca, shares his thoughts on the “AV is dead” statement, as well as his insights on security in the corporate world.
As a computer security software company, what are your thoughts regarding Symantec’s recent statement that “antivirus is dead”?
We have to be careful not to send the wrong message out to consumers and companies alike. While threats are getting more sophisticated and therefore need more comprehensive ways of dealing with them, on your home PC as well as for your enterprise network, traditional antivirus is and will stay one important part of a layered defense approach.
Despite these comments, there is not a company out there that is going to run without that level of protection. The concept of endpoint protection and protecting people from malware and viruses is something that is far from over. Today’s endpoint or PC security software goes beyond simple signature-based protection. McAfee has been building behavioral detection technology for some time, so when a security issue is found, there is typically already a detection in place. Our defenses have not been limited to AV, nor should our customers’ defenses be. This is where McAfee has been actively working and providing solutions like next generation firewalls, security information and event management, biometric user authentication, and Internet of Things security.
So while other players like Symantec are just realizing that this is the road they have to take, this is essentially what keeps McAfee ahead of the rest of the other players in the cyber security field.
In your opinion, what are the top three cybersecurity vulnerabilities businesses face, and what advice or tips can you share with businesses to help them maintain cyber resiliency?
While businesses face a whole host of issues, the top vulnerabilities in my opinion would be mobile malware, endpoint and server attacks, as well as cloud-based application vulnerabilities.
There is no one-size-fits-all approach for cyber security, as every organisation’s requirements, heritage systems in place and network setup differ. It is crucial not to rely on single approaches or island solutions, but rather have a connected approach to security.
In particular, organisations need to determine how quickly they can restore their critical data and bring systems back online if attacked by malware designed to freeze or destroy their network.
Whilst organisations tend to purchase the latest “Next Generation” tools, they should ensure that they are using these systems correctly, as some of the recent attacks exploited poorly set up or misconfigured systems. We need to always ensure that we are getting the most out of our solutions, and not simply buying the latest tool which may not provide a lot of value, and at the same time embedding the threat intelligence out of these solutions with the rest of the tools an organisation uses.