Security

Investor: Symantec and McAfee need to scrap anti-virus roots and pivot

Ted Schlein

Ted Schlein, investor with Kleiner Perkins Caufield and Byers, built one of the first anti-virus products at Symantec. Today, he says the likes of Symantec and McAfee will run out of gas if they don’t get rid of their anti-virus divisions.

“They will either need to realize their core anti-virus business is going away and make massive shifts, or they will continue to lose market share,” said Schlein at the RSA Conference in San Francisco this week. “You’ve got to change with the times. You can’t be static in security,” he said.

The security community is starting to look down on anti-virus technology simply because such tools don’t get any better until you get hacked. Traditionally, anti-virus software looks at digital signatures to determine whether or not the file entering your system is malware or safe. But it only learns that bad signature if it has seen it. Any new pieces of malware slip in under the radar.

Companies like Symantec and McAfee are running the risk of becoming irrelevant if they don’t change course. Both companies dabble in mobile security and are trying to figure out the answer to the bring-your-own-device (BYOD) trend. But Symantec, as Schlein noted, has more pressure to pivot than McAfee, which is owned by Intel. In the end, Intel can decide what to do with McAfee’s technology — and employees — whereas Symantec is still independent.

Other companies have tried behavioral anti-virus techniques, or studying the typical actions a piece of malware performs to stay relevant. For the most part, however, the overall anti-virus market seems to be slowly becoming the kid no one wants to play with.

“I believe security has to be done from the inside out, not outside in,” said Schlein.

He also said we should do away with firewalls. In fact, he won’t invest in any. Instead, he said, we should focus on protecting the information on the inside of the system — care less about what gets into our systems and more about stopping it from executing once it’s there.

This is especially important in the days of automated attacks, which Schlein said are some of the scariest threats in the industry today.

Botnets are able to storm your system, they’re cheap to use, and they don’t require much heavy lifting on the criminal’s part. Botnets are a huge threat because they let hackers be fast and more economical in attacks, say against banks, that could lead to big financial gains.

Schlein suggests the industry forget about firewalls and instead build “botwalls” that don’t try to keep the bots at bay but instead break them down once they’re on the inside.

“A botwall will be able to figure out these automated attacks,” he explained. “You need to look at these automated bots and how they work. You’re not trying to stop a bot from executing, you’re trying to stop a bot from being successful.”

Image via Meghan Kelly/VentureBeat