Anti-virus software is based on signatures of known viruses. It’s a reactive product by nature and it should be known by now that these products are ineffective against new viruses and new variants. That said, why test AV products against attacks they haven’t seen and then make a stink about it in a ComputerWorld article? Isn’t that like standing out in a rain storm to test if you’ll get wet and then writing an article about your finding?
While the testing part of the story was silly, the real point of the story is we need to think differently about the way we defend against the changing threatscape. We need to be “Agile Defenders” who are capable of aligning and re-aligning resources against a constantly shifting threat while maintaining a solid foundation. It’s hard work and I don’t believe it is understood by leadership in most organizations.
That said, we can’t protect against the new threats if we fail to apply basics. If you don’t believe that organizations get burned because of basic security failures check out this story out of New Zealand. What is funny here is they blame a Conficker-infected USB thumb drive for shutting down the company instead of their failure to keep their systems patched. That is misdirection worthy of a master politician.
Bottom-line: Businesses cannot rely on AV or single layers of defenses. Protecting information against a constantly moving adversary requires more than static thinking to be effective. If you’re responsible for securing your organization, be an Agile Defender, not a stationary target.
Connect with me