The white flag is a universal symbol of truce, a ceasefire if you will. In war, or in this case the war against cybercrime, McAfee this week issued a sort of truce with its call to arms for the security industry to take the offensive against malware attacks. This action speaks volumes about the current state of the security industry. And we couldn’t agree more. If one of the world’s leading antivirus security software makers is saying that the cat-and-mouse game of trying to keep up with the record amount of malware seen in the first half of 2010 is not working, then we all need to sit up and listen.
Rather than continuing with the current approach of adding layer upon layer of security to defend endpoints against expected attacks, Jeff Green, senior vice president of McAfee Labs and product development, said the security industry needs to get more aggressive if it expects to get a leg up on the tens of thousands of malware variants that surface every day.
“The tools and techniques of cybercrime continue to grow in number and sophistication at alarming rates. The cybercriminals prosper as they never have before because they have very little reason to fear the consequences. Maybe this is because we have really never given them a reason to fear. This must change. We must adapt our industry at its core and at all levels. It is time to send the security industry on the offensive.”
This statement comes at a time when testing continues to reinforce how much cybercriminals still have the upper hand. A recent independent study by NSS Labs found that a majority of antivirus security software suites still fail to detect malware attacks on PCs, with average protective scores of 76% even when exploits have been publicly available for months, or in some cases, years. The report concluded:
“Based on market share, between 70 to 75 percent of the market is under protected. Keeping AV software up-to-date does not yield adequate protection against exploits, as evidence by coverage gaps for vulnerabilities several years old.”
Even with the security industry in such dire straits, we all know surrender is never an option. What security professionals need to do is re-evaluate their current approaches and implement more proactive strategies for combating cybercrime. Instead of waving a white flag, the industry needs to consider other options such as application whitelisting. At a time when organizations desperately need to stay one step ahead of hackers, whitelisting solutions such as BOUNCER by CoreTrace can prevent the execution of the growing number of malware attacks that continue to slip passed even the most trusted antivirus security software on the market.
Congratulations on your news this week, Toney. 300% growth and major adoption by key security solution leaders are clearly a testament to all you and Coretrace are saying and doing. Your new BOUNCER 6.0 with its advanced intelligence capabilities almost leaves me speechless. Good job, guys. Good job! Greg Newman, The Newman Agency
Thank you so much, Greg. We are very excited about our progress, the market overall, and BOUNCER 6. I am especially proud of the team, and thankful to our customers, partners and supporters like you.
Thanks again!
Toney