Next-Generation Antivirus: What is it? And why do we need it?
An investigation by Detica for the Cabinet Office estimated the cost of cyberattacks to the UK business community at around £21 billion annually. We’ve all heard of cyberattacks on large enterprises, such as the WannaCry ransomware attack that affected the NHS, the Tesco cyberattack and the TalkTalk data breach. You don’t hear much about cyberattacks on small and medium businesses, but that doesn’t mean they don’t happen. At least 60% of all cyberattacks or data breaches are aimed at small businesses.
SMBs are targeted for various reasons, such as lack of expertise, lack of equipment and lack of funds for software and hardware updates, which means SMBs can have many vulnerabilities when it comes to cybersecurity. A key part of keeping your business’s IT secure is keeping your technology and software up to date. Technology is evolving more rapidly than ever, and with ever-evolving technology come ever-evolving threats. So why are businesses still relying on outdated and static antivirus software to protect themselves from modern, highly intelligent viruses?
Why traditional antivirus software no longer works
First, we need to know how antivirus works. Traditional antivirus software works on a code/signature recognition-based strategy, where the antivirus software will analyse files (whether it be a document file or an application file) and compare them against signatures of known viruses. Antivirus software will quarantine, block or remove any file that is similar to, or an exact match for, a known virus signature.
Antivirus software can only detect code that it recognises, which means a copy of the signature must exist somewhere that the specific antivirus software can access. This is why traditional antivirus is simply not enough. Any form of malware that is not ‘known’ by your antivirus software, or that is file-less, will not be detected. Furthermore, once a virus is well known, cybercriminals will begin to evolve it or stop using it completely, as it will always get blocked and has therefore become redundant.
A Ponemon investigation revealed that 76% of respondents who had been a victim of a cyberattack reported that the attack was a new or unknown zero-day attack, with only 19% of respondents reporting that the source of the threat was known.
What is Next-Generation Antivirus (NGAV)? And how does it work?
So, if antivirus isn’t enough, what can you do? Introducing next-generation antivirus (NGAV) aka next-generation endpoint protection. NGAV is a modern way of detecting file-less threats, before, during and after execution using AI and deep learning.
CrowdStrike defines Next-Generation Antivirus (NGAV) as using a combination of artificial intelligence, behavioural detection, machine learning algorithms, and exploit mitigation, so known and unknown threats can be anticipated and immediately prevented. NGAV is cloud-based, which allows it to be deployed faster and in a more agile manner.
Unlike traditional antivirus, NGAV works proactively by monitoring and responding to attacker tactics, techniques and procedures (TTPs) and therefore can identify and prevent known and unknown viruses. The cloud-based approach uses machine learning and artificial intelligence to drive predictive analytics, combined with threat intelligence to:
- Identify and prevent file-based and file-less malware attacks, as well as non-malware attacks
- Detect malicious behaviour and TTPs from unknown sources
- Perform forensic analysis of endpoint data to find the root cause of the infection
- Find and respond to new and unknown threats that would go undetected by traditional antivirus
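The contrast between signature matching and behavioural detection described above, as an added example (not code from the original article or from any NGAV product). The event fields, the two rules and all sample data are constructed for illustration; real products use far richer telemetry and models.

```python
import hashlib

# Constructed, harmless byte strings standing in for file contents.
KNOWN_SAMPLE = b"constructed-known-sample"
UNSEEN_SAMPLE = b"constructed-unseen-sample"

# Signature database: hashes of samples the vendor has already catalogued.
SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest()}

def signature_scan(data: bytes) -> bool:
    """Traditional model: flag only content whose hash is already known."""
    return hashlib.sha256(data).hexdigest() in SIGNATURES

# Constructed process-start events, as an endpoint sensor might record them.
# The second event is file-less: nothing new lands on disk to be hashed.
EVENTS = [
    {"parent": "explorer.exe", "image": "winword.exe",
     "cmdline": "winword.exe report.docx"},
    {"parent": "winword.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe -NoProfile -EncodedCommand <blob>"},
    {"parent": "explorer.exe", "image": "powershell.exe",
     "cmdline": "powershell.exe Get-ChildItem"},
]

OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe"}

def behaviour_scan(event: dict) -> list:
    """Behavioural model: judge what a process does, not which file it is."""
    findings = []
    if event["parent"] in OFFICE_APPS and event["image"] in SCRIPT_HOSTS:
        findings.append("office application spawned a script host")
    if "-encodedcommand" in event["cmdline"].lower():
        findings.append("encoded command line")
    return findings

def demo() -> dict:
    alerts = [(e["image"], behaviour_scan(e)) for e in EVENTS if behaviour_scan(e)]
    return {
        "known": signature_scan(KNOWN_SAMPLE),    # in the database: caught
        "unseen": signature_scan(UNSEEN_SAMPLE),  # not in the database: missed
        "alerts": alerts,                         # caught by behaviour alone
    }

if __name__ == "__main__":
    print(demo())
```

The legitimate PowerShell session started from `explorer.exe` raises no alert, while the Office-spawned one is flagged even though the signature database has no matching entry for it.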
Do you still need your antivirus?
In short, probably not… But don’t go and remove your antivirus in haste.
NGAV is here to replace your old antivirus, but when dealing with antivirus, NGAV and endpoint protection it is best to fully research your options to ensure you are choosing the best software/product for you and your business needs. You will also want to make sure you are fully set up with your new form of protection before uninstalling/removing/cancelling your previous version of antivirus.
Our recommended Next-Generation Antivirus software
We have created a free guide that will bring you up to speed on everything you need to know about creating a secure IT environment for your business.
The free guide covers:
- Why traditional antivirus no longer works
- 5 common cybersecurity threats that bypass your antivirus
- What is Next-Generation Antivirus
- How NGAV works
- What to look for in an NGAV solution
- NGAV checklist
- Managing your NGAV
If you have any questions about what type of cybersecurity audit your business should conduct, or if you have any concerns about your cybersecurity, we offer a free cybersecurity assessment performed by one of our experts here at AZTech, or you can download our cybersecurity assessment checklist. View our full range of cybersecurity services here.