Symantec Corp., the world’s largest security software company, is joining the chorus of antivirus funeral hymns, declaring the technology is no longer an effective approach to stopping security breaches and, worse for it and the channel, not a moneymaker.
Rather than trying to stop every malware infection transiting the firewall or landing on endpoints, Symantec believes a better approach is identifying attacks in progress and containing the damage. Behind this “bend without breaking” strategy is a new security intelligence service that will help businesses identify and isolate attacks, as well as develop advanced detection and prevention technologies.
What’s to become of antivirus software, the product that made Symantec a security powerhouse and remains the primary means of endpoint protection and a staple of network security? Brian Dye, senior vice president of information security at Symantec, told the Wall Street Journal antivirus is “dead,” adding, “We don’t think of antivirus as a moneymaker in any way.”
Symantec’s notions of the ineffectiveness of antivirus is not new. For several years, security professionals and vendors have noted the declining value of antivirus software. The technology has struggled to keep pace with the tsunami of sophisticated malware samples in the wild. The near-saturation of antivirus adoption in the market has made it a commodity in which price is the biggest differentiator.
Symantec has faced stiff competition in the antivirus market. A decade ago, the company’s only true rival was McAfee Corp. Today, Symantec faces myriad competitors such as Trend Micro Inc., Sophos Ltd. and Kaspersky Lab ZAO, to name a few. Likewise, it’s facing increasingly potent challenges in companies such as FireEye Inc. and Palo Alto Networks.
Symantec will host partners at its annual Vision conference this week, where executives will likely talk about its shifting technology and product strategy. Word that antivirus is no longer a moneymaker won’t be a surprise to Symantec’s core partners, as the company has been shifting more resources toward its encryption, data loss prevention and security information management products over the last couple of years.
Additionally, Symantec has blamed its poor financial performance over the last two years on declining PC sales dragging down its antivirus product sales. The rise of mobile devices such as smartphones and tablets have done little to lift antivirus sales, despite the proliferation of malware targeting these platforms.
While many security vendors are looking for the next new thing that will provide greater levels of security and return on investment, Symantec is doing so from an unstable base.
Over the last several years, Symantec has suffered setbacks in products, management and operations. It’s looking for a new CEO after the abrupt March firing of Steve Bennett, who had served less than two years after the sack of Enrique Salem. Symantec has struggled with the quality of its core security products, particularly Symantec Endpoint Protection, which went through bad iterations before stabilizing in the current version.
The big questions: How real is Symantec’s move away from antivirus and how successful will it be in its new endeavors? Analysts and competitors note Symantec is far behind it the development of new technologies, whereas pioneers such as FireEye are capturing the imagination and wallet of the security market.
This article originally appeared on Channelnomics.com.