Is the security industry lying about malware protection?


Security companies are lying about the amount of malware they can block, misleading IT departments across the world.

That was the claim of M86 Security chief executive (CEO) John Vigouroux, who told IT Pro every other security vendor was fibbing when they said they blocked 99 per cent of malware, or thereabouts.

All those security companies, including big players like Symantec and McAfee, can only block known malware which they have recorded on their databases, not truly new zero-day threats, Vigouroux said.

Essentially, the signature system used by almost every security company in the world to detect malware is inherently flawed, he suggested.

Given the significant rise in malware creation, on top of the fact 92 per cent of malware is downloaded just from going to websites in drive-by attacks, this is a serious problem, the CEO explained.

"The security industry has done a miserable job of defending the world against malware," Vigouroux said, claiming the best legacy systems are only stopping 40 per cent of threats.

What is needed is a system that is not always one step behind cyber criminals, and this is where M86 comes in, according to the CEO.

M86's offerings look at the code going through businesses' web-based transactions and, using complex algorithms, detect suspicious activity. Therefore, no database is needed and new threats are, in theory, blocked.

"We look at new stuff and that's why our business is booming," he said.

"Others are not doing anything for the new malware problem. They should be saying they are 99 per cent sure of protecting against known malware but the industry doesn't want to recognise the problem."

At the time of publication, neither of the world's top two security companies, Symantec and McAfee, had offered a response to Vigouroux's claims.

Tom Brewster

Tom Brewster is currently an associate editor at Forbes and an award-winning journalist who covers cyber security, surveillance, and privacy. Starting his career at ITPro as a staff writer and working up to a senior staff writer role, Tom has been covering the tech industry for more than ten years and is considered one of the leading journalists in his specialism.

He is a proud alum of the University of Sheffield where he secured an undergraduate degree in English Literature before undertaking a certification from General Assembly in web development.