October 4, 2019
Traditional antivirus solutions are a complete waste of time! They search through files, looking for recognisable signatures that indicate the presence of a threat.
Since the advent of cyber security, these kinds of software have been both the shield and the sword, protecting your system from attack. But the rules of engagement have changed and keep changing – and the shield and the sword are no longer the best defence against cyber attack.
What’s the problem with traditional antivirus?
There are plenty of good reasons to switch from traditional antivirus solutions to Next Generation Endpoint Protection (NGEP).
» First, viruses are unknown or disguised and therefore cannot be recognised by their signatures.
» Second, delivery of a virus is increasingly file-less, so won’t be found by scanning through files.
» Third, many antivirus solutions are incredibly time and resource intensive.
They produce reams of reports on these detected threats, each of which has to be picked through by IT security specialists. The sheer volume of reports leaves the IT security team in a constant state of reaction, with no time to be of real strategic value to the organisation.
> The untold labour of traditional antivirus solutions
Most people would have no idea of the workload involved in monitoring potential threats. It’s a full-time job, keeping on top of the reports – and utterly boring.
It’s not just traditional antivirus solutions, either. Many options marketed as ‘next generation’ endpoint security are not much more useful than traditional AV but bring with them a whole load more work. You couldn’t even call it fire-fighting – so much of the work is checking to see if the ingredients for a fire are even there.
Besides the waste of time and resources, it underutilises the skills of a cyber security professional, whose days could be better spent taking a proactive approach to systems security.
What does proactive security look like?
In an ideal world, you wouldn’t spend your days checking reports and reacting to the findings. Instead, you would use proactive analysis to monitor the whole picture.
- Which groups of users are undermining security with their browsing behaviour?
- Which department needs training to increase their security awareness?
- Who is downloading junk to their computer, putting your organisation at risk?
In this ideal world, reported threats could largely be dealt with automatically. Updates would be pushed through to all workstations, saving you the tedious (and unpopular) task of Friday afternoon virus scans. And with all the time saved, you could start looking for early warning signs of impending infection.
You would have thinking time to plan for new kinds of threats. Time to implement the best practice you’ve been reading about.
Take back control!
» How do you achieve that ideal world?
By choosing a modern endpoint security solution that works almost autonomously, continuously monitoring and assessing the behaviour of all applications for suspicious activity.
Next-Gen Endpoint Protection automatically detects threats, stops them in their tracks and cleans up after them – giving you a bird’s eye view of your system that you need to identify the behaviour that is putting your organisation at risk. And it gives you the head space to work on your cyber security strategy as a proactive agent of change, rather than a reactive pawn.
Related articles:
- What is SIEM? (Part 1): Cyber Security 101
- Slow Antivirus? Solving the problem of the weekly AV scan
- Is ransomware the biggest threat to your IT security?
- A buyers guide to patch management software
- Pros and cons of outsourcing your cyber security: In-house of Managed SOC?
About Comtact Ltd.
Comtact Ltd. is a government-approved Cyber Security and IT Managed Service Provider, supporting clients 24/7 from our ISO27001-accredited UK Security Operations Centre (SOC).
Located at the heart of a high security, controlled-access Tier 3 data centre, Comtact’s state-of-the-art UK Cyber Defence Centre (SOC) targets, hunts & disrupts hacker behaviour, as part of a multi-layered security defence, to help secure some of the UK’s leading organisations.