Few security experts would dispute the fact that legacy antivirus (AV) solutions are no match for today’s most stealthy and sophisticated cyberattacks. Stories of successful breaches seem to hit the headlines daily. The attacks may use different methods and be aimed at a wide range of industries, but there’s always one thing they have in common: The victim organizations each had some sort of AV in place when they were breached.
A recent article in TechTarget’s SearchSecurity asked a variety of cybersecurity experts to weigh in on the question, “Is the Antivirus Industry Dead?” CrowdStrike CTO and Co-founder Dmitri Alperovitch was among those interviewed, and he stated that it’s imperative for AV vendors to rethink their approach to detecting malicious code. He offered this: “Antivirus is not dead, but legacy AV solutions will be replaced by next-gen machine learning and behavioral-based approaches.” All the industry leaders quoted in the article took a similar stance: legacy AV has seen its day, and while it’s not dead, it’s time for organizations to look for a new alternative.
Deciding to improve your organization’s security posture by replacing legacy AV is a good decision, but choosing the right replacement can be challenging. Navigating a crowded vendor landscape where feature promise often exceeds feature performance can be daunting — particularly for overburdened IT staffs who must contend with a wide range of issues every day. How can you be sure you’re making the right decision?
An article from cybersecurity expert Mike Sentonas, CrowdStrike vice president of technology, was recently published in CSO Magazine. The article, “Replacing Your Antivirus: Four Steps to the Right Solution,” offers practical guidelines for evaluating your options and choosing a next-generation AV solution that can live up to its promises. Sentonas distills the process of evaluating and choosing an AV replacement into four basic steps, summarized below:
Step One: Clearly define your goal
Know in advance what your requirements are and don’t compromise. You should look for better protection and better performance. Many solutions offer “bolted on” features that bloat endpoints and degrade performance. The end-user frustration this creates may not be worth the small gains in protection a solution offers.
Step Two: Verify vendor claims
Don’t accept vendor claims at face value, and make sure you know what you’re getting. Claims of “next-generation” endpoint security are plentiful and it’s important to validate what the vendor is promising. Use relevant customer references, or take advantage of a product test drive, if one is available.
Step Three: Don’t dismiss the importance of time-to-value
If a solution is going to take months to deploy and requires complex management that will consume IT resources, it may not be worth pursuing. More than one organization has invested heavily in a solution only to have it sit unused because it’s too complex and resource-draining to implement.
Step Four: Ask the right questions
Getting the information you need means asking the right questions. The article offers examples of questions and why each is important to ask. The following are some of the questions suggested:
- Can the new solution help me maintain compliance?
- What techniques do you use to block malware pre-execution?
- What level of prevention do I get when I’m offline?
- What is the footprint on the endpoint?
- Which products include which features?
Read the article in its entirety: Replacing Your Antivirus: Four Steps to the Right Solution.
Download an exclusive AV guide: Guide to AV Replacement: What You Need to Know Before Replacing Your Current Antivirus Solution.
Watch a webcast: The Time Has Come to Replace Your Antivirus.