殺毒軟件江湖未冷 賽門鐵克公司轉向高端安全服務
Just over a week ago, Symantec's (SYMC) senior vice president of information security Brian Dye delivered a concise eulogy for anti-virus software. It "is dead," he told theWall Street Journal. "We don't think of antivirus as a moneymaker in any way."
“殺毒軟件已死!”,就在一週前,賽門鐵克公司(Symantec)信息安全部高級副總裁布萊恩o代伊在接受《華爾街日報》(Wall Street Journal)採訪時發表了這番簡短的悼詞。“無論如何,我們都不再把殺毒軟件當作搖錢樹。”This isn't news to the cybersecurity community. Most agree that anti-virus lost primacy seven or eight years ago as a traditional prevention tactic. The notion of setting up perimeter defenses around a network to keep hackers out has given way to a more flexible detection and response model. "The entire industry has moved beyond anti-virus a long time ago," said Bret Hartman, chief technology officer of the security business group at Cisco (CSCO). "It's not a surprise."
網絡安全界對這樣的觀點已經習以爲常。大部分人都認爲,殺毒軟件早在七八年前就已不是首要的安全防禦手段。目前業界傾向於採用更加靈活的監測和反應模型去構建全方位的安全防禦體系。思科(Cisco)安全業務集團首席技術官布萊特o哈特曼說:“整個安全界早已棄用殺毒軟件,這不是什麼新鮮事。”But anti-virus protection remains important as a first line of defense against threats. According to Dye's estimates, traditional cybersecurity methods catch more than 45% of threats. The problem, he says, is that anti-virus alone is insufficient. "The point that we were making in the interview with the Wall Street Journal and that we make with our customers on a regular basis is that anti-virus alone is not enough," Dye clarified in an interview with Fortune. "The era of anti-virus-only is over."
但作爲安全領域的第一道防線,殺毒軟件的作用仍然十分重要。根據代伊的估算,傳統安全方法能防禦45%以上的威脅。他強調,目前的問題是光靠殺毒軟件遠遠不夠。“我們在接受《華爾街日報》採訪時想表述的觀點是,僅靠殺毒軟件是不夠的,而我們對客戶也在一直強調這點,”代伊在接受《財富》(Fortune)採訪時強調。“殺毒軟件能抵擋一切威脅的時代已經一去不返。”
"If that's all you're using to protect yourself, you're vulnerable," said Fran Rosch, senior vice president of Symantec's Norton consumer business.
賽門鐵克公司諾頓(Norton)事業部副總裁弗蘭o羅施說:“如果只使用殺毒軟件,那你就危險了。”Other security firms have already begun implementing a new slate of security technologies. Juniper Networks (JNPR), for instance, lures malicious intruders into revealing themselves by placing bait within a network. "Once they touch a false piece of information we've planted, we flag it," said Nawf Bitar, senior vice president and general manager of the security business at Juniper. The company can then determine whether an intruder is up to no good.
不少信息安全公司已經開始嘗試新的反惡意技術。瞻博網絡(Juniper Networks)就是一例。這家公司有意設置一些假漏洞,誘騙入侵者上鉤。“一旦他們接觸到了這些故意設置的信息,我們就能打上標記,”瞻博網絡副總裁兼信息安全部總監納威o比塔爾說。然後,這家公司就會進一步分析,這些入侵者是否是惡意的。Others in the space are keeping up by acquisition. At the beginning of this year, FireEye (FEYE), for example, bought Mandiant, a cybersecurity firm able to investigate network breaches and track and detail hackers. Six months ago, Cisco purchased SourceFire, which also analyzes and tracks threats. Though the deals demonstrate that the industry at large is evolving beyond protection to detection and response, Symantec's announcement is particularly notable for indicating a sea change at the company that originally invented commercial anti-virus software.
其它一些公司則在積極併購。例如FireEye公司在年初收購了安全公司Mandiant,後者在探測網絡漏洞、追蹤和分析黑客方面頗有一套。半年前,思科也收購了安全信息服務商SourceFire。雖然這些併購交易表明,整個安全界的重心已從防護擴展到監測和反應領域,但賽門鐵克的聲明無異於一顆重磅炸彈,因爲它表明,賽門鐵克——商業化殺毒軟件的發明者已經改弦易轍了。"It's one thing for the outside world to bash anti-virus," said Ted Schlein, general partner at Kleiner Perkins Caulfield & Byers, who helped create the earliest commercial anti-virus software products at Symantec in the late 1980s. "It's another thing for the anti-virus king to bash anti-virus."
凱鵬華盈基金(Kleiner Perkins Caulfield & Byers)普通合夥人特德o施萊恩稱:“外界唱衰殺毒軟件沒什麼,但就連殺毒軟件之父也出來唱衰殺毒軟件那就不一樣了。”施萊恩在上世紀八十年代曾參與開發了賽門鐵克第一款商業化殺毒軟件。Symantec still rakes in more than 40% of its revenue from anti-virus products. But year-over-year, that revenue is in decline. In the company's latest quarterly earnings report, revenue fell 7% for the quarter ended March 28 compared to the same quarter last year.
賽門鐵克仍然有40%以上的營收來自殺毒軟件,但這塊業務如今每況愈下。從截至3月28日的季度財報來看,賽門鐵克營收同比下滑7%。"The only dead thing about A.V. are its revenue and growth prospects," wrote Vinnie Liu, co-founder and partner at security consultancy Bishop Fox, in an email. "Instead of settling for diminishing returns on old school preventative technologies (e.g. A.V.), they're finding they can achieve higher R.O.I. from adaptive tools."
安全諮詢公司Bishop Fox聯合創始人兼合夥人維尼o劉在郵件中寫道:“殺毒軟件的營收和增長前景黯淡。他們不是在坐視老式預防性技術的收益遞減,而是發現能通過適應性工具獲得較高的投資回報率。”In other words, in order to remain relevant, Symantec has chosen to follow the money. "By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches," according to a May 2013 study by the market research firm Gartner, "up from less than 10% in 2013." That certainly sounds like an opportunity for growth.
換言之,爲了保持自身地位,賽門鐵克選擇了跟着錢走。市場研究公司高德納(Gartner)2013年5月的一份研究稱,“到2020年,60%的企業信息安全預算將用於快速監測和反應。2013年時,這個比例還不足10%。”這顯然是個巨大的成長機遇。Following the pronouncement of the death of anti-virus, Symantec announced the additionof two new premium security services to its existing flagship products for business. The company wants to go head-to-head with competition like FireEye by briefing companies on threats, analyzing networks for shady activities and detecting breaches.
宣判殺毒軟件的死亡後,賽門鐵克公佈了兩項新的高端安全服務,作爲旗下現有企業級旗艦業務的補充。賽門鐵克希望向企業用戶報告安全威脅、分析黑幕活動網絡以及檢測漏洞,藉此與FireEye等競爭對手正面交鋒。"It is a smart move by SYMC," wrote Craig Carpenter, chief strategy officer from AccessData, in an email, noting that Symantec has lagged in recent years. "The quickest way for SYMC to catch up (i.e. get to market with a viable solution) is to launch a managed service or two leaning on their advantages (a large installed base and strong presence on the client) and filling in key gaps with a partner ecosystem (e.g. threat intelligence monitoring, IR [incident response], etc.)."
AccessData首席戰略官克雷格o卡彭特在郵件中寫道:“這對賽門鐵克而言是一個明智的舉措。”卡彭特指出,賽門鐵克近年來已經掉隊了。“賽門鐵克要想迎頭趕上(拿出可行的解決方案並將其推向市場),最快的方法就是依靠自身優勢(龐大的客戶羣和在客戶端的強勁實力),推出一兩項管理服務,並以合作伙伴生態系統填補關鍵的市場空白【例如威脅智能監控、紅外(事件響應)等】。”Having ousted its second CEO in two years -- Steve Bennett -- in March, Symantec is clearly trying to reinvent itself. "It's challenging dealing with your own legacy system," said Schlein. "I hope they get the leadership in there to make those changes."
賽門鐵克今年三月份罷免了首席執行官史蒂夫o本內特,這是這家公司兩年來罷免的第二位首席執行官。顯然,賽門鐵克力圖革新。施萊恩說:“處理自己的遺留系統極具挑戰性。我希望賽門鐵克能找到合適的領導者來實現變革。”But has anti-virus drawn really its last breath? Cisco's Hartman added that no technology truly dies, it just becomes more commoditized or less valuable. Rosch analogizes anti-virus software to the seatbelt in a car. It's the first layer of protection; as the industry continues to evolve and safety grows more sophisticated, shoulder strap, airbags, and better braces follow.
但殺毒軟件真的已經死了嗎?思科(Cisco)的哈特曼表示,沒有什麼技術會徹底退出歷史舞臺,它們只不過會變得更加商品化,或是變得不那麼有價值。羅施將殺毒軟件比作汽車安全帶。它是第一層保護;隨着汽車行業不斷髮展、安全措施日益完善,又出現了肩帶、安全氣囊以及更好的防護設施。"I think anti-virus someday won't be needed at all," Schlein said. "But right now it takes care of a lot of the known items."
施萊恩說:“我認爲殺毒軟件有朝一日將變得毫無價值。但眼下它還發揮着很大的作用。”So don't uninstall just yet.
所以,先別急着卸載殺毒軟件。
