????“殺毒軟件已死！”，就在一周前，賽門鐵克公司（Symantec）信息安全部高級副總裁布萊恩?代伊在接受《華爾街日報》（Wall Street Journal）采訪時發表了這番簡短的悼詞。“無論如何，我們都不再把殺毒軟件當作搖錢樹。”

????網絡安全界對這樣的觀點已經習以為常。大部分人都認為，殺毒軟件早在七八年前就已不是首要的安全防御手段。目前業界傾向于采用更加靈活的監測和反應模型去構建全方位的安全防御體系。思科（Cisco）安全業務集團首席技術官布萊特?哈特曼說：“整個安全界早已棄用殺毒軟件，這不是什么新鮮事。”

????但作為安全領域的第一道防線，殺毒軟件的作用仍然十分重要。根據代伊的估算，傳統安全方法能防御45%以上的威脅。他強調，目前的問題是光靠殺毒軟件遠遠不夠。“我們在接受《華爾街日報》采訪時想表述的觀點是，僅靠殺毒軟件是不夠的，而我們對客戶也在一直強調這點，”代伊在接受《財富》（Fortune）采訪時強調。“殺毒軟件能抵擋一切威脅的時代已經一去不返。”

????賽門鐵克公司諾頓（Norton）事業部副總裁弗蘭?羅施說：“如果只使用殺毒軟件，那你就危險了。”

????不少信息安全公司已經開始嘗試新的反惡意技術。瞻博網絡（Juniper Networks）就是一例。這家公司有意設置一些假漏洞，誘騙入侵者上鉤。“一旦他們接觸到了這些故意設置的信息，我們就能打上標記，”瞻博網絡副總裁兼信息安全部總監納威?比塔爾說。然后，這家公司就會進一步分析，這些入侵者是否是惡意的。

????其它一些公司則在積極并購。例如FireEye公司在年初收購了安全公司Mandiant，后者在探測網絡漏洞、追蹤和分析黑客方面頗有一套。半年前，思科也收購了安全信息服務商SourceFire。雖然這些并購交易表明，整個安全界的重心已從防護擴展到監測和反應領域，但賽門鐵克的聲明無異于一顆重磅炸彈，因為它表明，賽門鐵克——商業化殺毒軟件的發明者已經改弦易轍了。

????凱鵬華盈基金（Kleiner Perkins Caulfield & Byers）普通合伙人特德?施萊恩稱：“外界唱衰殺毒軟件沒什么，但就連殺毒軟件之父也出來唱衰殺毒軟件那就不一樣了。”施萊恩在上世紀八十年代曾參與開發了賽門鐵克第一款商業化殺毒軟件。

????賽門鐵克仍然有40%以上的營收來自殺毒軟件，但這塊業務如今每況愈下。從截至3月28日的季度財報來看，賽門鐵克營收同比下滑7%。

????安全咨詢公司Bishop Fox聯合創始人兼合伙人維尼?劉在郵件中寫道：“殺毒軟件的營收和增長前景黯淡。他們不是在坐視老式預防性技術的收益遞減，而是發現能通過適應性工具獲得較高的投資回報率。”

????換言之，為了保持自身地位，賽門鐵克選擇了跟著錢走。市場研究公司高德納（Gartner）2013年5月的一份研究稱，“到2020年，60％的企業信息安全預算將用于快速監測和反應。2013年時，這個比例還不足10％。”這顯然是個巨大的成長機遇。

????宣判殺毒軟件的死亡后，賽門鐵克公布了兩項新的高端安全服務，作為旗下現有企業級旗艦業務的補充。賽門鐵克希望向企業用戶報告安全威脅、分析黑幕活動網絡以及檢測漏洞，借此與FireEye等競爭對手正面交鋒。

????AccessData首席戰略官克雷格?卡彭特在郵件中寫道：“這對賽門鐵克而言是一個明智的舉措。”卡彭特指出，賽門鐵克近年來已經掉隊了。“賽門鐵克要想迎頭趕上（拿出可行的解決方案并將其推向市場），最快的方法就是依靠自身優勢（龐大的客戶群和在客戶端的強勁實力），推出一兩項管理服務，并以合作伙伴生態系統填補關鍵的市場空白【例如威脅智能監控、紅外（事件響應）等】。”

????賽門鐵克今年三月份罷免了首席執行官史蒂夫?本內特，這是這家公司兩年來罷免的第二位首席執行官。顯然，賽門鐵克力圖革新。施萊恩說：“處理自己的遺留系統極具挑戰性。我希望賽門鐵克能找到合適的領導者來實現變革。”

????但殺毒軟件真的已經死了嗎？思科（Cisco）的哈特曼表示，沒有什么技術會徹底退出歷史舞臺，它們只不過會變得更加商品化，或是變得不那么有價值。羅施將殺毒軟件比作汽車安全帶。它是第一層保護；隨著汽車行業不斷發展、安全措施日益完善，又出現了肩帶、安全氣囊以及更好的防護設施。

????施萊恩說：“我認為殺毒軟件有朝一日將變得毫無價值。但眼下它還發揮著很大的作用。”

????所以，先別急著卸載殺毒軟件。（財富中文網）

????譯者：項航

????Just over a week ago, Symantec's (SYMC) senior vice president of information security Brian Dye delivered a concise eulogy for anti-virus software. It "is dead," he told theWall Street Journal. "We don't think of antivirus as a moneymaker in any way."

????This isn't news to the cybersecurity community. Most agree that anti-virus lost primacy seven or eight years ago as a traditional prevention tactic. The notion of setting up perimeter defenses around a network to keep hackers out has given way to a more flexible detection and response model. "The entire industry has moved beyond anti-virus a long time ago," said Bret Hartman, chief technology officer of the security business group at Cisco (CSCO). "It's not a surprise."

????But anti-virus protection remains important as a first line of defense against threats. According to Dye's estimates, traditional cybersecurity methods catch more than 45% of threats. The problem, he says, is that anti-virus alone is insufficient. "The point that we were making in the interview with the Wall Street Journal and that we make with our customers on a regular basis is that anti-virus alone is not enough," Dye clarified in an interview with Fortune. "The era of anti-virus-only is over."

????"If that's all you're using to protect yourself, you're vulnerable," said Fran Rosch, senior vice president of Symantec's Norton consumer business.

????Other security firms have already begun implementing a new slate of security technologies. Juniper Networks (JNPR), for instance, lures malicious intruders into revealing themselves by placing bait within a network. "Once they touch a false piece of information we've planted, we flag it," said Nawf Bitar, senior vice president and general manager of the security business at Juniper. The company can then determine whether an intruder is up to no good.

????Others in the space are keeping up by acquisition. At the beginning of this year, FireEye (FEYE), for example, bought Mandiant, a cybersecurity firm able to investigate network breaches and track and detail hackers. Six months ago, Cisco purchased SourceFire, which also analyzes and tracks threats. Though the deals demonstrate that the industry at large is evolving beyond protection to detection and response, Symantec's announcement is particularly notable for indicating a sea change at the company that originally invented commercial anti-virus software.

????"It's one thing for the outside world to bash anti-virus," said Ted Schlein, general partner at Kleiner Perkins Caulfield & Byers, who helped create the earliest commercial anti-virus software products at Symantec in the late 1980s. "It's another thing for the anti-virus king to bash anti-virus."

????Symantec still rakes in more than 40% of its revenue from anti-virus products. But year-over-year, that revenue is in decline. In the company's latest quarterly earnings report, revenue fell 7% for the quarter ended March 28 compared to the same quarter last year.

????"The only dead thing about A.V. are its revenue and growth prospects," wrote Vinnie Liu, co-founder and partner at security consultancy Bishop Fox, in an email. "Instead of settling for diminishing returns on old school preventative technologies (e.g. A.V.), they're finding they can achieve higher R.O.I. from adaptive tools."

????In other words, in order to remain relevant, Symantec has chosen to follow the money. "By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches," according to a May 2013 study by the market research firm Gartner, "up from less than 10% in 2013." That certainly sounds like an opportunity for growth.

????Following the pronouncement of the death of anti-virus, Symantec announced the additionof two new premium security services to its existing flagship products for business. The company wants to go head-to-head with competition like FireEye by briefing companies on threats, analyzing networks for shady activities and detecting breaches.

????"It is a smart move by SYMC," wrote Craig Carpenter, chief strategy officer from AccessData, in an email, noting that Symantec has lagged in recent years. "The quickest way for SYMC to catch up (i.e. get to market with a viable solution) is to launch a managed service or two leaning on their advantages (a large installed base and strong presence on the client) and filling in key gaps with a partner ecosystem (e.g. threat intelligence monitoring, IR [incident response], etc.)."

????Having ousted its second CEO in two years -- Steve Bennett -- in March, Symantec is clearly trying to reinvent itself. "It's challenging dealing with your own legacy system," said Schlein. "I hope they get the leadership in there to make those changes."

????But has anti-virus drawn really its last breath? Cisco's Hartman added that no technology truly dies, it just becomes more commoditized or less valuable. Rosch analogizes anti-virus software to the seatbelt in a car. It's the first layer of protection; as the industry continues to evolve and safety grows more sophisticated, shoulder strap, airbags, and better braces follow.

????"I think anti-virus someday won't be needed at all," Schlein said. "But right now it takes care of a lot of the known items."

????So don't uninstall just yet.