Antivirus is 'completely wasted money': Cisco CSO

[zerologic]

ZDNet Australia

Companies are wasting money on security processes ? such as applying patches and using antivirus software ? which just don't work, according to Cisco's chief security officer John Stewart.

Speaking at the AusCERT 2008 conference in the Gold Coast yesterday, Stewart said the malware industry is moving faster than the security industry, making it impossible for users to remain secure.

"If patching and antivirus is where I spend my money, and I'm still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user's data and I still have to reinstall it, the entire cost equation of that is a waste.

"It's completely wasted money," Stewart told delegates.

He said infections have become so common that most companies have learned to live with them.

/snip

[Brian M. Veteran]

I must agree to an extent.

It would be much more beneficial for companies to invest in something like DeepFreeze.

[zerologic]

I must agree to an extent.

It would be much more beneficial for companies to invest in something like DeepFreeze.

I think the best approach to these threats is hybrid solution. No one solution is 100% effective.

However, saying that Antivirus is a waste of money is a very brave and IMHO plain silly thing to say.

[x-byte]

He's got a point, but saying it's a waste of money is stupid. I can agree that when a PC is infected, it is in most cases best to reinstall it. But antivirus programs also have an importan proactive role. It stops most viruses from infecting and spreading to other corporate computers etc.

[Numpad]

i had a virus on my home laptop a little while back.. it somehow managed to get past norton 2008 with all the updates... i contacted norton and they told me i'd have to pay ?70for them to get rid of it...... i told them where to stuff it and just formatted lol...

its bad that because their system which is meant to prevent viruses failed, that they wanted to charge me so much money!

[Argi]

Norton doesn't count as an AV.

[AJR1]

I have to disagree with the statement, although the context in with which it is made, is certainly true.

If i was spending money on Anti-Virus products and still getting infected then yes that would constitute a waste of money, but at the same time, how many issues has that Anti-Virus product protected against.

You have to ask yourself how the machines are being compromised, is it thorugh Malware installing from websites, is it because of an Operating System vulnerability.

Both of these can be countered, using Proxy Servers to filter out those websites that are known to host malicious code, and educate employees on a secure computing policy, secondly ensure that the operating system has the lastest security patches applied to it.

Of course no process is 100% secure, all we can ever do in this game, is to apply best practice and hope for the best.

[rpgfan]

LOL That's why I use ClamWin on Windows... That way I don't need to pay for virus scanners... As for other malware, I don't do anything that would cause me to get spyware, adware and such. I'm wary of JS, VBS and BAT files in Windows as well as readme HTML files containing JS, so I don't need to worry about those threats because I can dig through things to be sure that it is 100% safe. In fact, the only reason I have a virus scanner is because I use Frostwire from time to time. Otherwise, I don't have issues with torrenting Linux distros, and therefore I have no real need for a virus scanner.

[+Gary7 Subscriber²]

Norton doesn't count as an AV.

Not in my opinion. There are far superior free Programs such as Avast, and AVG. A friend of mine has never used a AV program and he has never been infected. I just use Avast with the Standard Shield only.

[zerologic]

Norton doesn't count as an AV.

:D Neither should McAfee. It's more like malware the way it takes up CPU cycles and resources.

IMHO It's (1)Avast (2)Kaspersky (3)NOD32.

[cork1958]

:D Neither should McAfee. It's more like malware the way it takes up CPU cycles and resources.

IMHO It's (1)Avast (2)Kaspersky (3)NOD32.

I agree with that first part of your post, but that second part is flatout absurd!

Sould be (1)Kaspersky, (2)NOD32, (3) Avast

Said by Gary7

"Not in my opinion. There are far superior free Programs such as Avast, and AVG. A friend of mine has never used a AV program and he has never been infected. I just use Avast with the Standard Shield only."

How would your friend know if he's ever been infected or not, if he's never used an AV? Those kind of statements are also flat out absurd!

[Dance.]

Avast is bad. Even though my friend had it installed he still got infected with a virii. When he switched to AVG, he found two worms and a trojan.

[(Spork)]

it somehow managed to get past norton 2008 with all the updates

rofl sorry you needed to get nailed with a bug for running norton

[tiagosilva29]

A friend of mine has never used a AV program and he has never been infected.

How do you know that he's not infected if you don't test it with a AV?

edit: beaten by cork1958

[megamanXplosion]

That it's still possible for viruses to corrupt your system doesn't mean that antivirus products are a waste of money, just as how locking the doors of your home won't prevent all robbery attempts but that doesn't mean locking the doors is a waste of time. It truly wouldn't surprise me if John Stewart lost his job because of his patently stupid remark.

[ozgeek]

Vista is so secure you won't even need to worry about security as Vista protects you well if you LET it and not change silly system settings.

I have not even installed an AV on permanent time since I see them as waste of time and money. I know I am not infected because I install an AV from time to time to check for viruses. At the moment I am setting up a USB stick system maintenance software that will check for viruses as well as cleaning up junk.

[JustGeorge]

Avast is bad. Even though my friend had it installed he still got infected with a virii. When he switched to AVG, he found two worms and a trojan.

And the exact opposite can and has happened for other people. No AV will catch everything and this applies even more so to free solutions. You get what you pay for.

[ViperAFK]

I've always seen people be infected no matter what AV program they are using, most of the time it comes down to user stupidity. I currently don't use an av program but scan online monthly and I have not had a virus in years.

@ Sharad I've never had a very good experience with AVG on many computers I have used it on it generally doesn't seem to detect nearly as much as Avast! and Avira do, and it gets false positives far too often for my liking. I definitely agree with VRam, no program catches everything, I always have to use a combination of programs or look for manual fixes or specialized programs when I have to clean someones infected computer (And they almost always have an active av running)

Edited May 24, 2008 by ViperAFK

[_dandy_]

I will agree partially with the idea that most antivirus programs are a waste of money (I go for the free ones, which can be just as effective), however, claiming that installing patches is ineffective is downright idiotic.

OTOH I'm utterly unimpressed with the state of all antivirus programs. Most of 'em these days are just a tad too paranoid, flagging completely inoffensive items as malware.

[+Gary7 Subscriber²]

I agree with that first part of your post, but that second part is flatout absurd!

Sould be (1)Kaspersky, (2)NOD32, (3) Avast

Said by Gary7

"Not in my opinion. There are far superior free Programs such as Avast, and AVG. A friend of mine has never used a AV program and he has never been infected. I just use Avast with the Standard Shield only."

How would your friend know if he's ever been infected or not, if he's never used an AV? Those kind of statements are also flat out absurd!

No they are not absurd. I guess you have never heard of on-line scanning. Check it out most AV companies have one. That is how he would know!

[Sethos]

Well, he is right about the Anti-virus industry not being able to keep up, since Viruses constantly appear, change and evolve.

The problem with his statement is, tons of people don't get infected with the latest and best virus attacks out there, but they pick up all the

trash littering the Internet. You have all these dodgy sites with tons of spyware/malware, you have dodgy files from P2P Software and and whatnot.

All this trash can still effective ruin your Computer and make you waste a lot of time trying to salvage everything, so I still believe a decent Virus scanner is a must to have.

Just too bad so many people tend to use these free alternatives which usually doesn't even find half of what a quality brand would - So they are lured into a false sense of security. The same with On-line scanners, they are pretty much useless in my book, since the most important aspect of Anti-Virus is the proactive defence - Stopping the virus before it enters your PC. As soon as a Virus or Infection has hit your PC, it usually takes a lot more than a simple Virus scan to remove it effectively.

I remember one of my friends always touted what a safe surfer he was, how he never have had a virus. We tried a few On-line scanners which found nothing, totally clean. So I installed a Trial version of NOD32 and it actually found 4 infections, where he was only able to get rid of 3 - We also found out, one of his frequently visited websites had a virus embedded in some flash ad, which he would never really know about if the software hadn't told him.

So he decided to reinstall Windows and start to use Anti-Virus software.

With a bit of knowledge and a decent Anti-virus, It's not wasted money, it can actually save you some time and worry.

[+Gary7 Subscriber²]

I would not go online without it.

[Mr. Gibs]

Whilst he does have a point, it is a bold claim to make.

You have to think of where does most malware come from. It's from people accepting every single activex control they see, opening every file/running every executable they can get their hands on etc. Yep, people's stupidity. Don't do that, and there is a much much smaller chance you will get malware. Sure it doesn't mean you won't get any, just means the chances of you getting one is a lot less.

Programs like DeepFreeze help a lot too, though can be a pain sometimes but then thats the price of security nowdays.

[Shadow Dragon]

One word: Linux

Too many companies use Windows for no good reason and it's sad that they don't have better advisers.

[markwolfe Veteran]

One word: Linux

Too many companies use Windows for no good reason and it's sad that they don't have better advisers.

I love Linux as much as the next guy... Ok... Perhaps a bit more than the next guy. ;)

But to say that many companies use Windows for "no good reason" overlooks the darn "legacy apps" issue. Some apps (even obscure ones) require Windows to run (not Linux/wine).