10 Reasons NOT to buy a Next-Generation AV Solution
21st May 2019
Is your endpoint protection ready for an overhaul?
It’s clear that cyber attacks are increasing in terms of frequency, sophistication, and their effectiveness to disrupt business. The impacts from these attacks show that current cyber security practices are not keeping pace with modern threats.
Working closely with Blackberry Cylance, we are helping protect our clients using AI-driven threat protection to harness the power of AI and machine learning to spot the tell-tale patterns of threat before it strikes. Is it time to upgrade your AV solution?
Should you need any convincing, we’ve made a list of 10 reasons not to upgrade your AV solution…
You embrace your animal instincts (sacrificial lamb/Guinea pig)
Signature-based technology requires a threat to have been detected, analysed and reverse-engineered in order to protect the next unsuspecting victim of said threat. You are comfortable with the chances that one of the approximately 500,000 unique threats per day will not hit your organisation before anyone else.
Ransomware is the new black. It will be gone soon.
You believe the notorious attacks in 2017 (WannaCry, Non-Petya/ Petya-like) although devastating to thousands of organisations worldwide (including the NHS in England) was the tip of the iceberg. Attackers are not interested in making quick money with ransomware campaigns. Therefore, you surely do not need a technology that is proven to have a predictive advantage on all common ransomware families at an average of 25 months.
You like to know when it’s lunchtime courtesy of the scheduled anti-malware scan.
It used to be “coffee time” when the scheduled scan kicks in. But due to the infinitely expanding database of AV definition files, this scan takes an inordinate amount of time – and therefore the time your machine is unusable has extended significantly. Of course, it’s more productive to take an extended lunch whilst this scan completes.
You cannot detach yourself from a physical computer.
Your laptop manufacturer states “up to X hours” of battery life. They clearly based that number hypothetically having never installed a suite of signature-based security products like AV, HIPS, DLP. You consider it a personal workout carrying a laptop and charger everywhere. You would hate an extra two hours battery life by replacing your AV suite with a single agent that provides greater protection levels.
You can swallow operations costs relating to server management, including patching.
Let’s assume you have a team of skilled IT administrators who enjoy the mundane task of taking operational servers offline (almost exclusively during evenings/weekends) and installing the latest patches. You accept that introducing new code is a risk, but it’s necessary, and the list of other priorities for your skilled guys will have to wait. Why on earth would anyone buy a SaaS solution anyway?!
Rebuilding PCs is costly but necessary.
Anytime a corporate machine is infected by malware (and that happens a lot!), we just rebuild the machine. Sure, it’s costly and means the impacted user cannot work for a day or two, but at least my beloved IT admin gets another mundane task to perform rather than doing something more interesting and valuable to the company.
You chose a non-persistent VDI for security purposes.
Anti-malware on a virtual desktop environment just is not worth the hassle. Firstly, my master/gold image is out of date as soon as it is created due to those pesky signatures needing updates at least daily. Secondly, the performance impact gives a terrible user experience. If only there was a technology that was designed from the ground up with modern technology such as VDI in mind and only required updates once/twice per annum. I could improve the user experience and save money!
We provide new laptops every 2 years; they don’t make hardware like they used to!
Computer manufacturers keep on introducing shiny new hardware widgets, yet my machines are all severely degraded after two years. This means I have to perform full hardware refreshes even when the hardware is still under service! Having the performance impacting security suite is necessary so I just have to accept the cost. I know I could save a fortune if I extended this to three years and beyond, but I am yet to find a solution that is intelligent enough to reduce performance vs. signature-based security products.
You think you get enterprise visibility already and don’t need to hunt for threats.
I have purchased lots of technology over the years that provide me with information. It’s mainly based around log data (which of course is reactive to an event). I read blogs and have paid for threat intelligence feeds, but I’m yet to apply this to my data. What technology could be used to search in seconds for a specific hash, or communication to a specific network, or even a registry key?
You still have legacy hardware.
You are paying for “support” from your OS vendor, but you have isolated the legacy hardware from the network. What if you could save money and reduce your risk significantly by running a lightweight, artificial-intelligence-based security solution that supports back to Windows XP/ Server 2003 R2?