Most Antivirus Software Provide Inadequate Protection Against Threats

By | Oct 29, 2012

Cyber crime can cost an organization $8.9 million on average, and firms located in the U.S. are often the targets of the most expensive kinds of attacks, according to an recent article from NetworkWorld. Midsize businesses that fail to safeguard themselves from the thousands of malware that inundate the Web could wind up spending far more to recover from a security breach than to avoid one altogether.

As part of best practices, most companies utilize antivirus software to detect and eliminate potential exploits--but if a new report from NSS Labs is to be believed, businesses who fail to implement other safety measures aren't that much better off than firms that don't use endpoint protection at all.

NSS Labs performed a comparative analysis on 13 endpoint protection suites to "measure their effectiveness in protecting Windows computers against exploits." The firm tested the software suites' defenses against established malware that have been in circulation for months (some, even years); the test set, claims the researchers, did not include zero-day vulnerabilities.

According to the report, Kaspersky Internet Security 2012 and Alwil Avast Pro Antivirus 7 were the only antivirus software to block more than 80 percent of known exploits. The worst performers were Total Defense Internet Security Suite and Panda Internet Security 2012, blocking a total of 34.5 percent and 38.8 percent of exploits, respectively.

McAfee Internet Security 11, despite blocking a total of 65.5 percent of exploits, did the best at protecting against attacks on Internet Explorer 6; the Security suite stopped 100 percent of exploits using Hypertext Transfer Protocol (HTTP) and HTTP Secure (HTTPS). Despite the age of the exploits affecting the browser, however, just two other suites managed to block more than 90 percent of attacks.

Some of the worst performers have the highest antivirus marketshare. Microsoft, for example, controls 27 percent of the market, according to InformationWeek, but scored in the bottom five of the endpoint protection software that NSS Labs tested. "Based on market share, between 65 percent and 75 percent of the world is poorly protected, and 75 percent to 85 percent in North America is poorly protected," states the report.

For the best security, IT departments at midsize businesses should consider adopting other methods of protection, such as investing in an Intrusion Prevention System (IPS)--a security appliance that monitors the network for suspicious traffic--and focusing on patching browsers, plug-ins and other software as soon as possible.

NSS Labs also warns of the dangers of using IE6, claiming users "must be technically knowledgeable enough to employ other defenses, or will almost certainly be compromised."

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet. Like us on Facebook. Follow us on Twitter.

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...