The devil is in the DeepSAFE detail
McAfee announced its first DeepSAFE product this week, but will IT departments be interested in the sub-OS model?
It would be horrifically expensive, one admin told me, and convincing the board of the value of such an investment would be impossible he added. Part of the reason for this can be summed up in a McAfee sound bite from the FOCUS 2011 announcement: "McAfee Deep Defender is capable of detecting nearly all kernel-mode malware." Nearly all is not a great selling point in security terms. It's a bit like trying to flog an underwater camera that is 99 per cent waterproof.
It all but suggests, nay announces, not all kernel-mode malware can be detected by the product, does it not? In which case, where is the real value? And that's before the bad guys, who might not have quite the financial clout of Intel but seem to do pretty well in keeping one step ahead of the information security marketplace as a rule nonetheless, catch up and manage to work out how to cloak their malware from DeepSAFE eyes.
I suspect it will not be too long before that happens, and then we are back to square one. No wonder savvy enterprises are going to play a waiting game here, seeing how the rest of the security industry (on both sides of the legal fence) respond to these developments in terms of competing products coming to market.
In the meantime, the average enterprise would probably be best advised to invest in education and getting the basics right when it comes to security. Not least the small matter of keeping everything patched and up to date, and not allowing untrusted software and devices to access the network.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
Davey is a three-decade veteran technology journalist specialising in cybersecurity and privacy matters and has been a Contributing Editor at PC Pro magazine since the first issue was published in 1994. He's also a Senior Contributor at Forbes, and co-founder of the Forbes Straight Talking Cyber video project that won the ‘Most Educational Content’ category at the 2021 European Cybersecurity Blogger Awards.
Davey has also picked up many other awards over the years, including the Security Serious ‘Cyber Writer of the Year’ title in 2020. As well as being the only three-time winner of the BT Security Journalist of the Year award (2006, 2008, 2010) Davey was also named BT Technology Journalist of the Year in 1996 for a forward-looking feature in PC Pro Magazine called ‘Threats to the Internet.’ In 2011 he was honoured with the Enigma Award for a lifetime contribution to IT security journalism which, thankfully, didn’t end his ongoing contributions - or his life for that matter.
You can follow Davey on Twitter @happygeek, or email him at davey@happygeek.com.