How Antivirus Companies Are Hacking the Truth -- and Making Us All More Vulnerable Many companies tout detection rates north of 99 percent. They aren't just over-confident, they're deceitful.

By Steve Subar

Opinions expressed by Entrepreneur contributors are their own.

Andrew Brookes | Getty Images

Each day, tech researchers encounter and catalogue more than 350,000 new instances of malware -- the malicious software that's designed to damage computers or steal personal information. Consumers and businesses alike believe their antivirus systems are vigilant enough to ward off these mounting threats. But they're wrong.

Related: Ex-Employees Say Antivirus Giant Faked Malware to Damage Rivals

The fact is, today's approach to fighting malware is hopelessly ineffective, and antivirus vendors conceal this reality. Fortunately, the threat posed by increasingly sophisticated malware is surmountable. But, in order to succeed, antivirus companies must start working on technology that actually keeps users safe.

The reason is that it's no secret that the dangers malware poses are changing and intensifying at lightning speed. Even at tech-savvy organizations -- Equifax, Yahoo and Uber, to name a few -- system breaches have become common, enabled, most commonly, by malware.

Somehow, the antivirus industry still remains confident. Leading firms continue to market their pricey software by promising "total protection" and "tried and tested threat prevention." Many tout virus detection rates north of 99 percent.

Related: 7 Surprising Places Hackers Hide

These claims aren't just over-confident; they're deceitful.

Why "99 percent" isn't as good as it sounds

Consider the sky-high detection rates so proudly advertised. While "99 percent" sounds impressive, a failure rate of just 1 percent equates to admitting to over 1.3 million potentially disastrous viruses infecting endpoints and networks in the course of a year; any one of these could destroy a business or compromise millions of identities.

What's more, claims of high detection rates -- even if they're valid -- don't reflect an antivirus vendor's competence in identifying malware, but rather how well that vendor fares in identifying malware already flagged by Google's VirusTotal (a crowdsourced service aggregating antivirus engines from more than 70 companies).

Antivirus firms subscribe to VirusTotal, agreeing to lend their wares to the collective effort for scanning files submitted by users. But many subscribers abuse their access, relying almost exclusively on VirusTotal for malware detection, thus concealing their own products' weakness.

That's no different from using Google search to answer difficult questions and then trying to monetize your borrowed expertise.

Even more egregious is the industry's refusal to admit that its current approach is irreparably flawed. Today, most antivirus software is based on a two-stage approach that starts with detection and ends with remediation, accomplished through isolation and removal.

Detection-remediation, though, is actually a losing strategy. Antivirus scanning can detect only known viruses. Yet more than 350,000 unknown pieces of malware -- including malware leveraging "zero-day" exploits -- are unleashed daily. Even with the latest artificial-intelligence tools, antivirus programs regularly fail to identify zero-day viruses and issue scan reports rife with false positives.

In other words, hackers already have the upper hand on antivirus makers. And that advantage will only grow more formidable as zero-day viruses proliferate.

What's an entrepreneur to do?

Antivirus companies recognize the hopelessness of detection-remediation, of course. But they'd rather feign confidence and hide behind their "99-percent detection" rates than admit that they're incapable of keeping their customers safe.

So, what are the takeaways for entrepreneurs looking to protect their businesses? There are three:

  • Don't fly by the seat of your pants. Have a security policy to guide you so you can benefit from your cybersecurity investments in software, services, and personnel.
  • Understand the extent of your corporate presence and where your critical assets live -- on your LAN, across the web and in the cloud.
  • Ask yourself: Are you more interested in detection or actual protection?

There are a variety of ways to defend your perimeter -- and not just with firewall and router configurations or network traffic monitoring. Most breaches are not brute-force attacks on the perimeter but are facilitated from within. How black hats, malicious hackers, really attack is by getting malware onto your network and endpoints with phishing emails or downloads from infected websites.

So, fight back: Consider solutions that couple "default-deny" with "auto-containment" to achieve maximum security while preserving productivity.

Auto-containment allows users to open unknown files and run unknown scripts in a lightweight virtualized environment. This approach dramatically reduces risk of infection and exploitation, as, even if a file is malicious, its attempts to modify critical system resources will only impact a "shadow system." Plus, auto-containment lets users remain productive during the "verdicting process," by which cloud-based systems, assisted by artificial intelligence and supplemented by human analysts, determine whether an unknown file is genuine malware or not.

The much maligned "default-deny" security posture is another technique that can protect against unknown threats. Default-deny has long been favored by cyber experts, as it blocks all unknown files from opening or executing, thus preventing malware from penetrating a network or taking residence on a computer. Historically, default-deny hindered usability. However, when auto-containment is combined with default-deny and rapid verdicting, users' work is unimpeded -- and systems remain safe.

Related: Why We Need to Worry More Than Ever About Getting Hacked

IT users typically look to antivirus industry vendors. But these vendors, with their detection-centric strategies, are clearly losing the fight against malware, whatever the provenance.

When will antivirus companies finally admit that detection is not protection, and rethink their approach to fighting malware?

Wavy Line
Steve Subar

President and CEO, Comodo Cybersecurity

Steve Subar is president and CEO of Comodo Cybersecurity. He brings decades of experience to his position. and is building the company's market-leading cybersecurity solutions and substantial resources. In 2005, Subar was chosen, from more than 60 Silicon Valley entrepreneurs, to become the first Entrepreneur-in-Residence for National Information Communications Technology Australia, that nation's leading center for applied IT research, which led to the creation of Open Kernal Labs. OK Labs, where Subar served as CEO, emerged as the leading provider of mobile device secure virtualization and deployed more than 1.6 billion devices, which led to its acquisition by General Dynamics, in 2012.

Editor's Pick

She's Been Coding Since Age 7 and Presented Her Life-Saving App to Tim Cook Last Year. Now 17, She's on Track to Solve Even Bigger Problems.
Lock
I Helped Grow 4 Unicorns Over 10 Years That Generated $18 Billion in Online Revenues. Here's What I've Learned.
Lock
Want to Break Bad Habits and Supercharge Your Business? Use This Technique.
Lock
Don't Have Any Clients But Need Customer Testimonials? Follow These 3 Tricks To Boost Your Rep.
Why Are Some Wines More Expensive Than Others? A Top Winemaker Gives a Full-Bodied Explanation.

Related Topics

Business News

'I'm Not a Very Good Businessman': Kevin Costner Is Risking a Ton of His Own Money on New Project

The "Yellowstone" star discussed how he bankrolled his new epic movies — and his accountant isn't happy.

Marketing

The Rise of Nano-Influencers: How the Smallest Voices are Making the Biggest Impact

The bigger an influencer is, the more beneficial it is for a brand to collaborate with them, right? Not necessarily.

Science & Technology

How AI Is Transforming the Accounting Industry — and What the Future Will Look Like

It's time to harness the power of AI and transform bookkeeping.

Business News

California Woman Arrested For $60 Million Postal Service Scam

Lijuan "Angela" Chen faces two charges that each carry a maximum sentence of five years in prison.

Business News

Woman Goes Viral For Brow-Raising Email Signature About Working Moms: 'Everyone Is Feeling This'

The email signature was created in response to pressure to answer emails within 24 hours.