Do You Wear a Seatbelt?

Modern cars are designed with crumple zones. These crumple zones help to decrease the risk of death in a severe car accident. Modern cars also have airbags. The airbags reduce your risk of death or injury in the case of an accident. If you don’t use a seatbelt your airbag and crumple zone are unlikely to offer you much protection at all.

There was a day that antivirus software could protect you against almost all of the viruses in the world, but that day was significantly more than a decade ago. In today’s environment the bad guys will not release some of their malware until they have tested it and are certain that it will not be detected when it is released.

Various reports rate the effectiveness of antivirus software as low as about 25% detection. I don’t know how accurate the numbers are, but I can tell you this. If you approach security from the mindset of defense-in-depth and then say “antivirus” is a part of my defense and that part is reducing my risk by 25%, then you can see that even with far less than 100% detection, antivirus is still making a significant contribution to your security.

Education and wisdom are the most significant parts of defense in depth. If you know that Hotmail will never ask you for your password, then you are protected from phishing attacks that claim you will lose your Hotmail account if you don’t provide your password. If you know that pirated software is far more likely to have a virus or trojan in it, it won’t help if you are not wise enough to not download pirated software. The combination of knowledge and wisdom afford a lot of protection though.

Personal firewalls help with security, add-ons, like NoScript for Firefox can help with security. Each layer of defense in depth makes you incrementally more secure. None of the technologies alone can do the whole job, or even most of the job though.

So, when you see reports that antivirus software misses X% of the malware out there, remember, it is not possible for antivirus to detect 100%. The purpose of antivirus is to contribute to security and it does make a significant contribution to defense in depth.

The more educated you are, the less likely you will need your antivirus software. The less educated you are, the more you need the protection, but you still have far greater risk. Like a goalie, if your AV takes enough shots on goal then something will get by.

Randy Abrams
Director of Technical Education

Author ESET Research, ESET

  • PC.Tech

    “… The more educated you are, the less likely you will need your antivirus software. The less educated you are, the more you need the protection, but you still have far greater risk…”
    > Terribly bad analogy. Better one is: The longer you go without getting bit, the closer you are to getting a hit.

    And education has absolutely NOTHING to do with it. As you said: “… There was a day that antivirus software could protect you against almost all of the viruses in the world, but that day was significantly more than a decade ago. In today’s environment the bad guys will not release some of their malware until they have tested it and are certain that it will not be detected when it is released…”
    > One could have a PhD and still have an AV that would miss some malware – none, including ESET, has a 100% rate of detection, just as you said: “…it is not possible for antivirus to detect 100%”. So this is all now the client’s fault? Nonsense.

    .

  • http://www.eset.com/threat-center/blog/ David Harley

    I don’t think that Randy means that if you’re educated, you don’t need antivirus software. After all, that’s his livelihood. :) I think it’s likelier that he means that the more you know about the risks, the less likely you are to do something risky, which means that you’re less likely to need your AV to save you from the consequences.

    As you say, there is no 100% guarantee that AV (or any other type of security software) _will_ save you. But that doesn’t mean that education is irrelevant. It means that the more you know, the more self-reliant (within limits) you can be. The most important thing that most people haven’t learned is that having security software doesn’t _eliminate_ risk, it only reduces it. You have to take some responsibility for your own actions.

    Whose fault is it when people don’t do that? Well, partly it’s the fault of the people (including some sectors of the security industry) who’ve told them they don’t need to. But no-one said they _have_ to believe everything they’re told.

Follow Us

Automatically receive new posts via email:

Delivered by FeedBurner

26 articles related to:
Hot Topic
ESET Virus Radar

Archives

Select month
Copyright © 2014 ESET, All Rights Reserved.