Antivirus is 'completely wasted money': Cisco CSO

Liam Tung, ZDNet Australia | May 21, 2008 5:41 AM PDT

Companies are wasting money on security processes--such as applying patches and using antivirus software--which just don't work, according to Cisco's chief security officer John Stewart.

Speaking at the AusCERT 2008 conference in the Gold Coast yesterday, Stewart said the malware industry is moving faster than the security industry, making it impossible for users to remain secure.

"If patching and antivirus is where I spend my money, and I'm still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user's data and I still have to reinstall it, the entire cost equation of that is a waste.

"It's completely wasted money," Stewart told delegates. He said infections have become so common that most companies have learned to live with them.

"There are too many companies in the world that actually believe infection is just a cost of doing business and are getting used to doing it--as opposed to stopping it completely. That's dangerous," he said.

A better way of dealing with the unknown is to use whitelists--where only authorized or approved software can execute, said Stewart. "I'm sick of blacklisted stuff. I've got to go for whitelisted stuff--I know what that is because I put it there," he said.

Security software vendors did not agree.

Gavin Struthers, regional director for McAfee Australia and New Zealand, said that although installing antivirus and updating patches are not a perfect solution, they certainly aren't a waste.

Talkback Most Recent of 75 Talkback(s)

  • A better way to deal with it ...
    "A better way of dealing with the unknown is to use whitelists--where only authorized or approved software can execute, said Stewart."

    How about an even better way: drop Windows altogether and use an OS that is way less vulnerable; there are plenty of alternatives.
    mrlinux
    21st May 2008
  • Which operating systems would those be?
    "How about an even better way: drop Windows altogether and use an OS that is way less vulnerable; there are plenty of alternatives."

    I am not aware of any. Which ones were you thinking of?
    ye
    21st May 2008
  • Safer Operating Systems
    As most people who are involved in computing know, using Linux or BSD, which includes Mac OS, is much safer than using Windows. The cost of ownership of these is much lower due to the fact you or your IT department will spend much less time patching and reloading due to virus infections.
    DrBrianM
    21st May 2008
  • For now
    Yeah, or there are just really smart people out there ready to break into any system you throw at them. Security by obscurity is not gonna work if we were all to switch to something else. Not sure why Apple is releasing any security patches then, that just debunks your point right there.
    OhTheHumanity
    21st May 2008
  • I encourage you to learn
    a little bit about the OS differences.

    Don't take this post as an attack, but as an invitation.

    Some OSs (such as Linux and BSD) are more secure from the ground up. They are architected to prevent attacks and to limit damage in case of an attack.

    This is definitively not "security by obscurity". The source code is open and available. It is security by design. And security by practice.

    XP is very difficult to lock down while making it still functional.

    Linux is very easy to lock down keeping full functionality for the user.

    Again. I invite you to try or at least read and investigate.
    rarsa
    21st May 2008
  • Please, please, please, puuullleeeaaasssseee!
    "Some OSs (such as Linux and BSD) are more secure from the ground up. They are architected to prevent attacks and to limit damage in case of an attack."

    Support this assertion. If you're going to use it be prepared to back it up. So far after begging for an explanation none has ever been provided.
    ye
    21st May 2008
  • Too easy...
    Linux was designed from the ground up to support multiple users. For Windows this was an afterthought.

    Linux was designed from the ground up to separate root (admin) privileges from normal user privileges. For Windows this still doesn't work, Vista requires constant prompts that annoy the user although 3rd party developers are to blame for that too.

    Linux was designed from the ground up to have a system of permissions to restrict file access. Permissions in Windows were a later addition and they aren't applied very often, I can edit many system files in XP without any warning much less access restriction.

    Linux was designed from the ground up to do networking. The internet is a network and in Windows networking was an afterthought, in the 3.1 days the internet was "just a fad" to MS. Cisco even uses Linux for networking despite getting paid off by MS to start using Windows.

    Linux was designed with security as a priority, Windows has always been about fancy features before anything else. Windows owes much of its popularity due to having the features that average joe business user wants. Linux owes most of its success due to having the security and features that businesses such as Google, Cisco, and AOL, and researchers using multi-processor super computers need.
    T1Oracle
    21st May 2008
  • Sorry but you'll have to do better:
    "Linux was designed from the ground up to separate root (admin) privileges from normal user privileges. For Windows this still doesn't work, Vista requires constant prompts that annoy the user although 3rd party developers are to blame for that too."

    Windows NT, which is the foundation 2K, XP, and Vista are based on, has the exact same model.

    "Linux was designed from the ground up to have a system of permissions to restrict file access. Permissions in Windows were a later addition and they aren't applied very often, I can edit many system files in XP without any warning much less access restriction."

    Windows NT, which is the foundation 2K, XP, and Vista are based on, has the exact same model.

    "Linux was designed from the ground up to do networking. The internet is a network and in Windows networking was an afterthought, in the 3.1 days the internet was 'just a fad' to MS. Cisco even uses Linux for networking despite getting paid off by MS to start using Windows."

    Windows NT, which is the foundation 2K, XP, and Vista are based on, has the exact same model.

    "Linux was designed with security as a priority, Windows has always been about fancy features before anything else. Windows owes much of its popularity due to having the features that average joe business user wants. Linux owes most of its success due to having the security and features that businesses such as Google, Cisco, and AOL, and researchers using multi-processor super computers need."

    I have to agree that up until the release of Vista Microsoft's focus was on ease of use and features. However that in no way changes the fact that the security model of Windows is the same as Linux (save for SE Linux type variants).

    So what is the score: 0 for 4, you lose. I suggest you read up on the history of Windows. Specifically NT 3.1.
    ye
    21st May 2008
  • Come on, Mr. Gates, a.k.a ye
    Readers of this forum by now know that you must have a direct link to Redmond. Perhaps you've invested in MSFT stock, or are a current employee. Whatever the case may be, you always ask the same asinine question, give me proof, and it has been provided yet you still cry out "give me proof". How many known viruses are out there that have been known to infect Windows computers? Can't count that high, right? Now, how many are out there that have knowingly (not proof of concept) infected Mac OS X? ZERO!!!! There's your proof Bill. Live with it.
    Aragorn_z
    22nd May 2008
  • @Aragorn_z: I keep asking the same question because...
    ...I've never been given an answer.

    "give me proof, and it has been provided yet you still cry out 'give me proof'."

    It has? Where? Can you point me to it? Because I have yet to see it.

    "How many known viruses are out there that have been known to infect Windows computers? Can't count that high, right? Now, how many are out there that have knowingly (not proof of concept) infected Mac OS X? ZERO!!!!"

    Irrelevant.

    "There's your proof Bill. Live with it."

    I wish.
    ye
    22nd May 2008
  • And your investigation presents what data?
    I'm guessing here but I think you might know that there are former Linux and BSD (and other OS) devs working on Windows and vice-versa?

    C'mon now. It's more a people problem, than a product/technology problem.
    flyingbuick
    21st May 2008
  • Right...
    ... *nix and the OSes based on it are just the most awesomest ever! Everyone knows it! That's why BIND is the most subverted process of all time! Oh wait...
    glashoppah
    21st May 2008
  • I think that title belonged to sendmail for quite some time.
    "That's why BIND is the most subverted process of all time! Oh wait..."
    ye
    21st May 2008
  • He didn't say "safer". He said "less vulnerable".
    Two completely different things.
    ZDNet Gravatar
    ye
    21st May 2008
  • It'd be best for you...
    ... to heed the maxim "'tis better to be silent and thought a fool than open your mouth and remove all doubt."

    Only the ignorant believe those operating systems any safer than any other. You're living under a completely false and completely misplaced sense of security at your and your company's peril.
    glashoppah
    21st May 2008
