Today’s traditional antivirus no longer delivers meaningful security value due to its inability to adapt to the changing threat landscape and its reliance on reactive threat detection, yet organizations continue to rely on antivirus as a means to protect their endpoints.What often goes unrecognized is the hidden costs antivirus imposes on organizations. Security technologies must balance the benefits they provide to an organization with the cost associated with their operation. What follows are some of the hidden costs of using antivirus systems.
Traditional antivirus relies on signature-based scanning technology that is not particularly flexible in supporting new applications, systems and platforms. Organizations that rely on antivirus will encounter difficulty in deploying and securing new technology that would offer significant business advantages that antivirus has failed to deliver on, often requiring additional adaptive or corrective measures for these new technologies to work in conjunction with antivirus. These additional efforts will cost the organization time, effort and, ultimately, loss of agility.
To implement and run an antivirus system within an organization, staff time must be allocated to support, operate and maintain it. This staff might otherwise be used to support projects that offer greater returns on investment and more effective prevention tools. Additionally, antivirus systems often require organizations to combine various solutions to cover the gaps in security that AV cannot fill, which may take longer to integrate and offer lower security effectiveness.
Many organizations work to achieve compliance with various regulatory frameworks, like the Payment Card Industry Data Security Standards (PCI DSS) and the Health Insurance Portability and Accountability Act (HIPAA). However, compliance does not guarantee that security risks will be sufficiently mitigated. The effort to meet compliance is and should be treated as a bare minimum for security best practices. While antivirus is almost always a requirement to meet compliance, it offers almost no significant security value in today’s computing environments. As a result, security professionals deploy other technologies and products to mitigate security risks that AV cannot address, imposing additional tangible and intangible costs to the organization.
End users heavily rely on the organization’s various IT and security functions to secure its network, systems and computing environment, assuming the tools and technologies implemented enable them to safely conduct their daily business activities. When an organization deploys a traditional antivirus system, users may wrongly assume that their systems are protected from attacks. This false sense of security can lead users to be less vigilant about their behavior and to exercise less caution in avoiding potential cyberthreats, regardless of security awareness training programs.
Until organizations realize the deficiencies of their antivirus solutions and implement a replacement that provides meaningful security value, they will continue to incur these intangible costs and leave their endpoints vulnerable.