Anti-virus becoming less important than content control
Bosses want to control staff
By 2007 firms will spend more on content filtering and encryption technology than they do on anti-virus software according to a report by industry analysts Frost & Sullivan released this week.
According to the analysts, malicious code monitoring will experience high growth over the forecast period, but will become subsumed into other technologies. This is an admittedly tricky process because of the difficulty of integrating anti-virus and encryption technologies.
Frost & Sullivan forecasts that total sales in the European Internet content security market are expected to grow from $524.6 million in 2000 to $3.13 billion in 2007, but the portion of this represented by anti-virus products will diminish from 80 per cent to 38.5 per cent in the future.
The growth of content filtering will be driven by companies increased desire to control their employees' use of email and the Internet.
Tom Fawcett, a security analyst at Frost & Sullivan, said that firms are prepared to spend more on content filtering to avoid becoming exposed to legal risks, from legislation like the Data Protection Act and the RIP Act, and to control worker productivity. Growth in sales of content encryption products will also see a huge upswing due to the introduction of data protection legislation, pushing sales from $38 million to $1.36 billion by 2007.
Historically sales of anti-virus software has been stimulated by the outbreak of viruses, such as Melissa and the Love Bug. Fawcett said, at least within corporates, the effect of such security scares will become less important on overall spending in future, because anti-virus protection is a done deal.
We're far from sure about this one because we regularly hear have firms that have fallen victim to malicious code because of lack of adequate antivirus protection. If it isn't Hewlett-Packard distributing virus-infected drivers, then it's employment agency Manpower's email system been swamped by Melissa.
Also if most people were adequately protected we wouldn't see the continuous spread of old infections, like Kakworm. Some estimates, such as a study by securityportal.com available here, suggest that users can take two years or more to update their antivirus programs and apply patches to fix program vulnerabilities.
Graham Cluley, of Sophos, agreed that home users are more "lackadaisical" than corporates and often have anti-virus software that is out of date, so that people need to take personal responsibility over the issue.
He conceded that vendors need to do more on the issue both by designing software that makes it more obvious to users if protection is not up to date and releasing tools that make it easier to update remote workstation and laptops, which may be only infrequently connected to corporate networks.
Michael Kalinichenko, technical director of Russian antivirus firm Kaspersky Labs, said the problem is "users don't think about the necessity of upgrading their antivirus software until the moment of infection." ®