Antivirus is 'completely wasted money': Cisco CSO

Companies are wasting money on security processes--such as applying patches and using antivirus software--which just don't work says Cisco's chief security officer.

Companies are wasting money on security processes--such as applying patches and using antivirus software--which just don't work, according to Cisco's chief security officer John Stewart.

Speaking at the AusCERT 2008 conference in the Gold Coast yesterday, Stewart said the malware industry is moving faster than the security industry, making it impossible for users to remain secure.

"If patching and antivirus is where I spend my money, and I'm still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user's data and I still have to reinstall it, the entire cost equation of that is a waste.

"It's completely wasted money," Stewart told delegates. He said infections have become so common that most companies have learned to live with them.

"There are too many companies in the world that actually believe infection is just a cost of doing business and are getting used to doing it--as opposed to stopping it completely. That's dangerous," he said.

A better way of dealing with the unknown is to use whitelists--where only authorized or approved software can execute, said Stewart. "I'm sick of blacklisted stuff. I've got to go for whitelisted stuff--I know what that is because I put it there," he said. Security software vendors did not agree.

Gavin Struthers, regional director for McAfee Australia and New Zealand, said that although installing antivirus and updating patches are not a perfect solution, they certainly aren't a waste.