Panel: Anti-Virus Measures Are A Critical Business Process

While costs of doing business continue to draw scrutiny from both carriers and agents in the recovering economy, a panel of experts agreed it is critical for businesses to invest in anti-virus technology and to establish and enforce security policies. The remarks came during the recent Comdex Global Technology Marketplace conference held in Las Vegas.

According to Larry Bridwell, content security programs manager for ICSA Labs, Herndon, Va., companies worldwide spent more than $7 billion on security in 2002, with $2.2 billion going toward anti-virus protection. ISCA Labs is an online source for up-to-date information on computer viruses. Determining the cost-effectiveness of anti-virus protection, he explained, includes factors such as anti-virus software licenses and renewals, hardware, use of bandwidth, administration, training, and consideration of possible revenue loss due to virus infections.

Bridwell said the infamous Code Red virus had a $2.6 billion effect on productivity and cost about $1 billion to clean up. Similarly, the Slammer virus had a $1.2 billion effect on productivity and cost approximately the same to clean up. Given the high prices paid by those who are infected, anti-virus technology is “a good investment,” he stated.

The latest trends show more virus attacks targeted at known vulnerabilities in software, he noted. Unlike previous attacks, such viruses dont depend on human vulnerability in order to spread. He predicted that future attacks would present a “mixed threat,” capitalizing on both types of vulnerability. And, while new viruses constantly are being developed, the old ones “keep coming back.”

Primary organizational effects from virus attacks include: lost productivity, computers being unavailable, file corruption, loss of access to data, loss of the data itself and loss of user confidence, Bridwell said. “All of that translates into dollars,” he pointed out, giving companies something against which to measure a return on investment in protection.

Protection strategies should involve both regular updating of anti-virus software and enforcement of a companys own security policies and procedures, he said. He also recommended that anti-virus software be installed “everywhere”on individual workstations as well as on a companys network systems. These should be in place along with complementary programs, such as desktop firewall software, he noted.

According to Steve Crutchfield, group marketing manager for McAfee Security, a vendor of anti-virus software based in Santa Clara, Calif., preventing a virus infection is better than having to cure one. Using technology that blocks and stops infections in real time saves time over simple intrusion detection systems that merely warn users there is a possible breach, he said.

Applying updated patches to existing software is one way to avoid attack-related costs, said Crutchfield, who also recommended “multiple levels” of protection on servers and PCs.

Kevin Haley, group product manager for Symantec Corporation, another anti-virus vendor located in Cupertino, Calif., said todays “blended threats” may combine several different methods of infection, as well as hacker attacks. As a result, a combination of protection techniques is best, he noted.

“A firewall may not be enough to stop [everything],” Haley said, “but its needed.” Companies should also utilize multiple technologies on their services, including intrusion protection and prevention. “Vendors are starting to combine these products into a single product,” he noted.

Haley said blended threats are on the rise and that they are “very costly.” Approximately 10 to 15 new viruses are being created daily, he stated, “and this will drastically increase security costs.” Using technology that provides early warning is the key to protection, he said.


Reproduced from National Underwriter Life & Health/Financial Services Edition, January 30, 2004. Copyright 2004 by The National Underwriter Company in the serial publication. All rights reserved.Copyright in this article as an independent work may be held by the author.