The damaging impact of viruses has helped to propel antivirus security spending revenues to US$2.2 billion for 2002, according to figures provided by research firm IDC Ltd. earlier this week.
Antivirus spending in 2002 increased by 31 per cent over 2001, and Framingham, Mass.-based IDC said it expects the market to continue to grow over the next five years, reaching US$4.4 billion in 2007.
According to the results of a survey the firm conducted with 325 businesses across the U.S., 82 per cent of respondents said they had been attacked by a virus or worm. Thirty per cent of those organizations also admitted that while an attack had been detected by their company, they did not immediately fend off the virus. This “grim” statistic, according to a statement issued by IDC, reflects that while attacks can be detected, they may still be harmful “if the offending material is not removed.”
To fight against worms and viruses, IDC said organizations should adopt a layered security approach that includes solutions such as desktop antivirus software, server and gateway antivirus, content filtering and heuristics. The firm added that traditional signature-based antivirus technologies and behaviour-based analysis technologies will be used together more often, increasing the probability of detection.
Along that vein, antivirus software vendor Network Associates Technologies Inc. on Tuesday held its last Webcast in a four-part series called “Best Practices for Your System Security,” designed to provide network administrators and security managers with relevant information on how to secure their enterprise from the desktop to the gateway. George Younan, a senior security consultant for Network Associates in the expert services division in Santa Clara, Calif. agreed that given the complexity of malicious code, a company needs to think beyond a one-layered security policy.
The session also focused on the common errors made in system security management and how companies could avoid repeating those mistakes. As Younan explained, if for example your organization is a financial institution or medical outfit, unauthorized employees should not be given the responsibility of updating or installing antivirus software. He stressed the importance of creating policies and procedures around security because it is usually an internal employee who opens company doors to a virus.
“We all know that typical malicious code and viruses get into our environment due to the end users (and) users must be protected from themselves. We cannot give any control to the user,” he said.
Network Associates is online at www.nai.com, and IDC can be fouynd at www.idc.com. In Canada, Richmond Hill, Ont.-based Network Associates Canada is at www.nai.com/international/canada and Toronto-based IDC Canada Ltd. is at www.idc.ca.