Sophos: True proactivity still a little while away

08.11.2004
By Nicolas Callegari

Many security vendors are preaching proactivity to help to prevent threats such as viruses and spam from causing any major downtime.

Still, all security vendors adopt a reactive model to threat outbreaks, even with the threat of day-zero attacks causing much concern in the industry. While many believe that heuristic scanning is the answer to being more proactive, Sophos believes that the technology is still too immature to be fully effective.

"The problem," says Brett Myroff, CEO of NetXactics Communication SA (Pty) Ltd., SA distributor for Sophos PLC's security products, "is that heuristic scanning has the potential to return a high number of false positives (i.e. files that are perceived as a threat by software but actually are not), which could cause an unnecessary amount of downtime if not managed properly."

Myroff believes that the closest any security vendor can come to true proactivity with the level of technology available is through effective quality assurance on its update files. "If updates have gone through the right amount of QA, vendors may be able to protect against variants of a virus, for example, months before they are released," he says.

It is, however, very important to keep software updated regardless. While many security vendors are able to stop threats before they break out, the latest threats are much more complex, incorporating more than one attack.

These "blended threats" could include a vulnerability exploit combined with a distributed denial of service (DDoS) attack, making it increasingly difficult for security vendors and IT managers to ensure that systems are secure.

"It is due to the increasing complexity of attacks and the decrease in mean time between vulnerability discoveries and exploit issue that no security vendor can offer true proactivity," Myroff adds.

This way of thinking seems to be a winning formula for Sophos. According to the company, it has seen an international CAGR of 66 percent, with the local NetXactics operation growing the brand locally by 58 percent, Myroff says. "We just promise what we can realistically deliver," he comments.

Recent acquisitions in the security space could see a new level brought to the race for true proactivity. McAfee Inc. recently acquired Foundstone, a risk assessment and security education company.

Just where this acquisition will fit into McAfee's product set remains to be seen. Recent reports have quoted the company as saying that this will help drive its mission to be a more proactive security vendor.

Regardless, the security industry has reached commodity status, and it is now that Myroff believes that the serious players in the industry will begin to emerge as leaders, while the rest fight it out to maintain market share.

According to Forrester Research Inc., security technology is the fourth biggest growth area in ICT worldwide, and is likely to overtake storage, VPNs and wireless networking equipment in growth percentage in SA this year.

"The technology is good enough to protect business today, it is just a matter of weighing up the alternatives, to see which product adds the most value and delivers on whatever expectations are set," Myroff concludes.