As cyber threats become more and more ubiquitous, there is declining confidence in traditional detection-based software like anti-virus. Instead, the industry is moving towards more preventative measures, instead of eliminating threats once they're already detected.
The results come from Bromium's Enterprise Security Confidence Report, wherein the security group surveyed 125 professionals to determine the state of cyber threats and the security industry.
The overwhelming pace of hacks and data breaches has led to anti-virus software losing a lot of trustworthiness, said Clinton Karr, senior security strategist at Bromium. "Information security professionals are turning instead to technologies that provide proactive protection, such as threat isolation, as the foundation of their security architecture."
The survey found that a staggering 92% of respondents are losing confidence in legacy solutions like anti-virus and whitelisting, which don't hold as much clout as before. "That confidence has now been decimated," said Bromium's survey. Meanwhile, 78% of those interviewed said that anti-virus software is not effective against general attacks.
Many of the infosec professionals surveyed said they believe endpoint threat isolation solutions to be the most effective. Other respondents said they are placing their faith in intrusion detection or prevention solutions. Elsewhere 27% of respondents said that network sandboxes are effective. "Detection-based solutions cannot provide the adequate level of protection," said the survey, showing that the demand for security products and what they offer has changed drastically in recent years.
At the end of the day, a robust and diverse info security configuration is the key to staying safe. It's important to be able to deal with issues as they arise, but you need to be able to stop them from ever getting into your system as well.