We have seen in articles from vendors competing in cybersecurity that anti-virus (AV) software is ineffective, evidence the enormous cybercrime problem and the success of the cybercriminals. But from both a statistical and technical perspective, nothing could be further from the truth. While the volume of attacks has grown almost exponentially over the past decade, anti-virus software has more than kept pace. Going well beyond what was originally just stopping known threats, new anti-virus software technology using advanced techniques like machine learning and behaviour analysis stops more threats, even on percentage. The AV software we employ at NPC for our clients, ESET, uses more than 30 years of experience in the field and the daily attack data of more than 110 million users and 400 thousand business customers to keep up with the threats.

Every day, malware becomes more sophisticated and way more common. Estimates are that more than 350,000 viruses and PUP’s (Potentially Unwanted Programs) are created daily. Yes, daily. Anti-virus software is, as we will explain, still one of your first and most important lines of defense against these threats. It does this better today than it ever has.

How Anti-virus Software Protects You

As most attacks today come through the endpoint computer, the desktop or laptop, anti-virus is your best first line of defense because it protects the point of entry to your business and your data. Even the most basic anti-virus software works on two principles: it scans files as they arrive, comparing them to known malware; and it monitors software on your device, looking for suspicious behaviour. Once detected, most anti-virus software helps you either remove or quarantine the offending malware to prevent it from doing any (more) damage.

In addition to scanning your computer’s hard drive and active memory, scans extend to external storage devices, websites, and emails to prevent passing or receiving malicious files with other people or between your work and home computers.

Why People Don't Use Anti-Virus Software

There are a few reasons this important tool gets overlooked way too often. First, the years of bad PR about AV software gives some an excuse not to embrace it. Second, poorly chosen brands of AV software or bad implementation of good software can slow down a system or device making it inconvenient. Third, users simply don’t have the time to set it up or they believe that another technology they employ, such as a firewall, is doing the whole job (it’s not). Finally, they’re just avoiding cost.

There are some who stop using anti-virus software after a year or two of licensing when it doesn’t appear to reveal any threats. It could be working great in the background, they just don’t see the result. They think that there was nothing to worry about in the first place or perhaps the AV software is not working. It’s important to remember that with any security, no results may be the best result of all. When everything is working together in your security measures — email spam filters, firewalls, training to not click what you don’t know, downloading only trusted files, using multi-factor authentication, patching, etc. — AV is right there in the mix doing its job.

Part of the reason AV software has acquired a bad rap about its effectiveness is that these other measures may not be in place or well managed. In particular, unpatched systems or dated software can considerably weaken the effectiveness of even the best anti-malware suite. It’s important to keep your AV software updated and to let it scan your system regularly. Each software update enhances its ability to detect new threats that have recently emerged and the signatures to identify them.

You Should Pay for Anti-virus Software

As with many things in life, good often comes with a price. Security is one of them. Anti-virus software along with the other security measures you have in place is an investment in your business. It will save you downtime from a successful attack, protect your client relationships, and give you the peace of mind that the business you work so hard to build is protected. Our clients at NPC enjoy the protection of an enterprise-class, award-winning anti-virus solution that is installed, managed and monitored by our security professionals for them. But for the average business still doing technology themselves or using the older-style custom to order IT solutions, buying a best-in-class AV solution, or insisting on one from their IT provider, is critical. With free virus protection you may get the basics, but developers save the best features and most rigorous scans for their paid products. And while some operating systems like Windows 11 and macOS come with better built-in AV suites than in the past, they are still not at the performance overall of leading, independent vendors that provide enterprise-class solutions.

Most importantly, software updates for paid software are more frequent and comprehensive to ensure that you’re protected from the newest threats out there.

Next-generation solutions, like CrowdStrike or Sentinel One, also offer good protection in robust, feature rich offerings. But they are really designed for larger organizations and can be a considerable investment in resources to install and manage. Our business at NPC is to employ products and services at that level for our clients in standardized offerings, to give them the best of both worlds, enterprise-class protection for the smaller business.

In this Cybersecurity Awareness Month, make sure you have implemented and are keeping up to date a best-in-class AV solution, a still critical component of your defense in-depth strategy.