How Antivirus Companies Are Hacking the Truth -- and Making Us All More Vulnerable Many companies tout detection rates north of 99 percent. They aren't just over-confident, they're deceitful.

By Steve Subar

entrepreneur daily

Opinions expressed by Entrepreneur contributors are their own.

Andrew Brookes | Getty Images

Each day, tech researchers encounter and catalogue more than 350,000 new instances of malware -- the malicious software that's designed to damage computers or steal personal information. Consumers and businesses alike believe their antivirus systems are vigilant enough to ward off these mounting threats. But they're wrong.

Related: Ex-Employees Say Antivirus Giant Faked Malware to Damage Rivals

The fact is, today's approach to fighting malware is hopelessly ineffective, and antivirus vendors conceal this reality. Fortunately, the threat posed by increasingly sophisticated malware is surmountable. But, in order to succeed, antivirus companies must start working on technology that actually keeps users safe.

The reason is that it's no secret that the dangers malware poses are changing and intensifying at lightning speed. Even at tech-savvy organizations -- Equifax, Yahoo and Uber, to name a few -- system breaches have become common, enabled, most commonly, by malware.

Somehow, the antivirus industry still remains confident. Leading firms continue to market their pricey software by promising "total protection" and "tried and tested threat prevention." Many tout virus detection rates north of 99 percent.

Related: 7 Surprising Places Hackers Hide

These claims aren't just over-confident; they're deceitful.

Why "99 percent" isn't as good as it sounds

Consider the sky-high detection rates so proudly advertised. While "99 percent" sounds impressive, a failure rate of just 1 percent equates to admitting to over 1.3 million potentially disastrous viruses infecting endpoints and networks in the course of a year; any one of these could destroy a business or compromise millions of identities.

What's more, claims of high detection rates -- even if they're valid -- don't reflect an antivirus vendor's competence in identifying malware, but rather how well that vendor fares in identifying malware already flagged by Google's VirusTotal (a crowdsourced service aggregating antivirus engines from more than 70 companies).

Antivirus firms subscribe to VirusTotal, agreeing to lend their wares to the collective effort for scanning files submitted by users. But many subscribers abuse their access, relying almost exclusively on VirusTotal for malware detection, thus concealing their own products' weakness.

That's no different from using Google search to answer difficult questions and then trying to monetize your borrowed expertise.

Even more egregious is the industry's refusal to admit that its current approach is irreparably flawed. Today, most antivirus software is based on a two-stage approach that starts with detection and ends with remediation, accomplished through isolation and removal.

Detection-remediation, though, is actually a losing strategy. Antivirus scanning can detect only known viruses. Yet more than 350,000 unknown pieces of malware -- including malware leveraging "zero-day" exploits -- are unleashed daily. Even with the latest artificial-intelligence tools, antivirus programs regularly fail to identify zero-day viruses and issue scan reports rife with false positives.

In other words, hackers already have the upper hand on antivirus makers. And that advantage will only grow more formidable as zero-day viruses proliferate.

What's an entrepreneur to do?

Antivirus companies recognize the hopelessness of detection-remediation, of course. But they'd rather feign confidence and hide behind their "99-percent detection" rates than admit that they're incapable of keeping their customers safe.

So, what are the takeaways for entrepreneurs looking to protect their businesses? There are three:

  • Don't fly by the seat of your pants. Have a security policy to guide you so you can benefit from your cybersecurity investments in software, services, and personnel.
  • Understand the extent of your corporate presence and where your critical assets live -- on your LAN, across the web and in the cloud.
  • Ask yourself: Are you more interested in detection or actual protection?

There are a variety of ways to defend your perimeter -- and not just with firewall and router configurations or network traffic monitoring. Most breaches are not brute-force attacks on the perimeter but are facilitated from within. How black hats, malicious hackers, really attack is by getting malware onto your network and endpoints with phishing emails or downloads from infected websites.

So, fight back: Consider solutions that couple "default-deny" with "auto-containment" to achieve maximum security while preserving productivity.

Auto-containment allows users to open unknown files and run unknown scripts in a lightweight virtualized environment. This approach dramatically reduces risk of infection and exploitation, as, even if a file is malicious, its attempts to modify critical system resources will only impact a "shadow system." Plus, auto-containment lets users remain productive during the "verdicting process," by which cloud-based systems, assisted by artificial intelligence and supplemented by human analysts, determine whether an unknown file is genuine malware or not.

The much maligned "default-deny" security posture is another technique that can protect against unknown threats. Default-deny has long been favored by cyber experts, as it blocks all unknown files from opening or executing, thus preventing malware from penetrating a network or taking residence on a computer. Historically, default-deny hindered usability. However, when auto-containment is combined with default-deny and rapid verdicting, users' work is unimpeded -- and systems remain safe.

Related: Why We Need to Worry More Than Ever About Getting Hacked

IT users typically look to antivirus industry vendors. But these vendors, with their detection-centric strategies, are clearly losing the fight against malware, whatever the provenance.

When will antivirus companies finally admit that detection is not protection, and rethink their approach to fighting malware?

Steve Subar

President and CEO, Comodo Cybersecurity

Steve Subar is president and CEO of Comodo Cybersecurity. He brings decades of experience to his position. and is building the company's market-leading cybersecurity solutions and substantial resources. In 2005, Subar was chosen, from more than 60 Silicon Valley entrepreneurs, to become the first Entrepreneur-in-Residence for National Information Communications Technology Australia, that nation's leading center for applied IT research, which led to the creation of Open Kernal Labs. OK Labs, where Subar served as CEO, emerged as the leading provider of mobile device secure virtualization and deployed more than 1.6 billion devices, which led to its acquisition by General Dynamics, in 2012.

Want to be an Entrepreneur Leadership Network contributor? Apply now to join.

Editor's Pick

Related Topics

Thought Leaders

These Age-Old Monk Practices Can Help You Lead a More Focused, Productive and Creative Life

Buddhist and Benedictine monks have some ancient habits that every hard-working entrepreneur should know.

Business News

'These People Didn't Do Anything Wrong,' But Their Standard of Living Might Plummet in Retirement — Here's Why

Most American workers feel behind where they think they should be on their retirement savings.

Business News

'I Want a Free Month': Thousands of Customers Furious at AT&T After Widespread Outages

The carrier has not yet disclosed the root cause of the issue.

Side Hustle

He Started a Side Hustle in His Parents' Basement and Won Big on Richard Branson's TV Show. The Business Saw Over $650 Million in Annual Revenue Last Year.

Shawn Nelson, founder and CEO of furniture manufacturer Lovesac, thought it would be "funny to make a giant beanbag chair."

Business News

Want to Start a Billion-Dollar Business? Look to These Two Industries, Which Have the Most Unicorn Growth

During a tough fundraising year overall last year, the value of cybersecurity and AI unicorns saw double-digit growth.