????“殺毒軟件已死！”，就在一周前，賽門鐵克公司（Symantec）信息安全部高級副總裁布萊恩?代伊在接受《華爾街日報(bào)》（Wall Street Journal）采訪時(shí)發(fā)表了這番簡短的悼詞。“無論如何，我們都不再把殺毒軟件當(dāng)作搖錢樹。”

????網(wǎng)絡(luò)安全界對這樣的觀點(diǎn)已經(jīng)習(xí)以為常。大部分人都認(rèn)為，殺毒軟件早在七八年前就已不是首要的安全防御手段。目前業(yè)界傾向于采用更加靈活的監(jiān)測和反應(yīng)模型去構(gòu)建全方位的安全防御體系。思科（Cisco）安全業(yè)務(wù)集團(tuán)首席技術(shù)官布萊特?哈特曼說：“整個(gè)安全界早已棄用殺毒軟件，這不是什么新鮮事?！?/p>

????但作為安全領(lǐng)域的第一道防線，殺毒軟件的作用仍然十分重要。根據(jù)代伊的估算，傳統(tǒng)安全方法能防御45%以上的威脅。他強(qiáng)調(diào)，目前的問題是光靠殺毒軟件遠(yuǎn)遠(yuǎn)不夠。“我們在接受《華爾街日報(bào)》采訪時(shí)想表述的觀點(diǎn)是，僅靠殺毒軟件是不夠的，而我們對客戶也在一直強(qiáng)調(diào)這點(diǎn)，”代伊在接受《財(cái)富》（Fortune）采訪時(shí)強(qiáng)調(diào)?！皻⒍拒浖艿謸跻磺型{的時(shí)代已經(jīng)一去不返?！?/p>

????賽門鐵克公司諾頓（Norton）事業(yè)部副總裁弗蘭?羅施說：“如果只使用殺毒軟件，那你就危險(xiǎn)了?！?/p>

????不少信息安全公司已經(jīng)開始嘗試新的反惡意技術(shù)。瞻博網(wǎng)絡(luò)（Juniper Networks）就是一例。這家公司有意設(shè)置一些假漏洞，誘騙入侵者上鉤?！耙坏┧麄兘佑|到了這些故意設(shè)置的信息，我們就能打上標(biāo)記，”瞻博網(wǎng)絡(luò)副總裁兼信息安全部總監(jiān)納威?比塔爾說。然后，這家公司就會進(jìn)一步分析，這些入侵者是否是惡意的。

????其它一些公司則在積極并購。例如FireEye公司在年初收購了安全公司Mandiant，后者在探測網(wǎng)絡(luò)漏洞、追蹤和分析黑客方面頗有一套。半年前，思科也收購了安全信息服務(wù)商SourceFire。雖然這些并購交易表明，整個(gè)安全界的重心已從防護(hù)擴(kuò)展到監(jiān)測和反應(yīng)領(lǐng)域，但賽門鐵克的聲明無異于一顆重磅炸彈，因?yàn)樗砻?，賽門鐵克——商業(yè)化殺毒軟件的發(fā)明者已經(jīng)改弦易轍了。

????凱鵬華盈基金（Kleiner Perkins Caulfield & Byers）普通合伙人特德?施萊恩稱：“外界唱衰殺毒軟件沒什么，但就連殺毒軟件之父也出來唱衰殺毒軟件那就不一樣了。”施萊恩在上世紀(jì)八十年代曾參與開發(fā)了賽門鐵克第一款商業(yè)化殺毒軟件。

????賽門鐵克仍然有40%以上的營收來自殺毒軟件，但這塊業(yè)務(wù)如今每況愈下。從截至3月28日的季度財(cái)報(bào)來看，賽門鐵克營收同比下滑7%。

????安全咨詢公司Bishop Fox聯(lián)合創(chuàng)始人兼合伙人維尼?劉在郵件中寫道：“殺毒軟件的營收和增長前景黯淡。他們不是在坐視老式預(yù)防性技術(shù)的收益遞減，而是發(fā)現(xiàn)能通過適應(yīng)性工具獲得較高的投資回報(bào)率?！?/p>

????換言之，為了保持自身地位，賽門鐵克選擇了跟著錢走。市場研究公司高德納（Gartner）2013年5月的一份研究稱，“到2020年，60％的企業(yè)信息安全預(yù)算將用于快速監(jiān)測和反應(yīng)。2013年時(shí)，這個(gè)比例還不足10％?！边@顯然是個(gè)巨大的成長機(jī)遇。

????宣判殺毒軟件的死亡后，賽門鐵克公布了兩項(xiàng)新的高端安全服務(wù)，作為旗下現(xiàn)有企業(yè)級旗艦業(yè)務(wù)的補(bǔ)充。賽門鐵克希望向企業(yè)用戶報(bào)告安全威脅、分析黑幕活動(dòng)網(wǎng)絡(luò)以及檢測漏洞，借此與FireEye等競爭對手正面交鋒。

????AccessData首席戰(zhàn)略官克雷格?卡彭特在郵件中寫道：“這對賽門鐵克而言是一個(gè)明智的舉措?！笨ㄅ硖刂赋?，賽門鐵克近年來已經(jīng)掉隊(duì)了?！百愰T鐵克要想迎頭趕上（拿出可行的解決方案并將其推向市場），最快的方法就是依靠自身優(yōu)勢（龐大的客戶群和在客戶端的強(qiáng)勁實(shí)力），推出一兩項(xiàng)管理服務(wù)，并以合作伙伴生態(tài)系統(tǒng)填補(bǔ)關(guān)鍵的市場空白【例如威脅智能監(jiān)控、紅外（事件響應(yīng)）等】?！?/p>

????賽門鐵克今年三月份罷免了首席執(zhí)行官史蒂夫?本內(nèi)特，這是這家公司兩年來罷免的第二位首席執(zhí)行官。顯然，賽門鐵克力圖革新。施萊恩說：“處理自己的遺留系統(tǒng)極具挑戰(zhàn)性。我希望賽門鐵克能找到合適的領(lǐng)導(dǎo)者來實(shí)現(xiàn)變革。”

????但殺毒軟件真的已經(jīng)死了嗎？思科（Cisco）的哈特曼表示，沒有什么技術(shù)會徹底退出歷史舞臺，它們只不過會變得更加商品化，或是變得不那么有價(jià)值。羅施將殺毒軟件比作汽車安全帶。它是第一層保護(hù)；隨著汽車行業(yè)不斷發(fā)展、安全措施日益完善，又出現(xiàn)了肩帶、安全氣囊以及更好的防護(hù)設(shè)施。

????施萊恩說：“我認(rèn)為殺毒軟件有朝一日將變得毫無價(jià)值。但眼下它還發(fā)揮著很大的作用?！?/p>

????所以，先別急著卸載殺毒軟件。（財(cái)富中文網(wǎng)）

????譯者：項(xiàng)航

????Just over a week ago, Symantec's (SYMC) senior vice president of information security Brian Dye delivered a concise eulogy for anti-virus software. It "is dead," he told theWall Street Journal. "We don't think of antivirus as a moneymaker in any way."

????This isn't news to the cybersecurity community. Most agree that anti-virus lost primacy seven or eight years ago as a traditional prevention tactic. The notion of setting up perimeter defenses around a network to keep hackers out has given way to a more flexible detection and response model. "The entire industry has moved beyond anti-virus a long time ago," said Bret Hartman, chief technology officer of the security business group at Cisco (CSCO). "It's not a surprise."

????But anti-virus protection remains important as a first line of defense against threats. According to Dye's estimates, traditional cybersecurity methods catch more than 45% of threats. The problem, he says, is that anti-virus alone is insufficient. "The point that we were making in the interview with the Wall Street Journal and that we make with our customers on a regular basis is that anti-virus alone is not enough," Dye clarified in an interview with Fortune. "The era of anti-virus-only is over."

????"If that's all you're using to protect yourself, you're vulnerable," said Fran Rosch, senior vice president of Symantec's Norton consumer business.

????Other security firms have already begun implementing a new slate of security technologies. Juniper Networks (JNPR), for instance, lures malicious intruders into revealing themselves by placing bait within a network. "Once they touch a false piece of information we've planted, we flag it," said Nawf Bitar, senior vice president and general manager of the security business at Juniper. The company can then determine whether an intruder is up to no good.

????Others in the space are keeping up by acquisition. At the beginning of this year, FireEye (FEYE), for example, bought Mandiant, a cybersecurity firm able to investigate network breaches and track and detail hackers. Six months ago, Cisco purchased SourceFire, which also analyzes and tracks threats. Though the deals demonstrate that the industry at large is evolving beyond protection to detection and response, Symantec's announcement is particularly notable for indicating a sea change at the company that originally invented commercial anti-virus software.

????"It's one thing for the outside world to bash anti-virus," said Ted Schlein, general partner at Kleiner Perkins Caulfield & Byers, who helped create the earliest commercial anti-virus software products at Symantec in the late 1980s. "It's another thing for the anti-virus king to bash anti-virus."

????Symantec still rakes in more than 40% of its revenue from anti-virus products. But year-over-year, that revenue is in decline. In the company's latest quarterly earnings report, revenue fell 7% for the quarter ended March 28 compared to the same quarter last year.

????"The only dead thing about A.V. are its revenue and growth prospects," wrote Vinnie Liu, co-founder and partner at security consultancy Bishop Fox, in an email. "Instead of settling for diminishing returns on old school preventative technologies (e.g. A.V.), they're finding they can achieve higher R.O.I. from adaptive tools."

????In other words, in order to remain relevant, Symantec has chosen to follow the money. "By 2020, 60% of enterprise information security budgets will be allocated for rapid detection and response approaches," according to a May 2013 study by the market research firm Gartner, "up from less than 10% in 2013." That certainly sounds like an opportunity for growth.

????Following the pronouncement of the death of anti-virus, Symantec announced the additionof two new premium security services to its existing flagship products for business. The company wants to go head-to-head with competition like FireEye by briefing companies on threats, analyzing networks for shady activities and detecting breaches.

????"It is a smart move by SYMC," wrote Craig Carpenter, chief strategy officer from AccessData, in an email, noting that Symantec has lagged in recent years. "The quickest way for SYMC to catch up (i.e. get to market with a viable solution) is to launch a managed service or two leaning on their advantages (a large installed base and strong presence on the client) and filling in key gaps with a partner ecosystem (e.g. threat intelligence monitoring, IR [incident response], etc.)."

????Having ousted its second CEO in two years -- Steve Bennett -- in March, Symantec is clearly trying to reinvent itself. "It's challenging dealing with your own legacy system," said Schlein. "I hope they get the leadership in there to make those changes."

????But has anti-virus drawn really its last breath? Cisco's Hartman added that no technology truly dies, it just becomes more commoditized or less valuable. Rosch analogizes anti-virus software to the seatbelt in a car. It's the first layer of protection; as the industry continues to evolve and safety grows more sophisticated, shoulder strap, airbags, and better braces follow.

????"I think anti-virus someday won't be needed at all," Schlein said. "But right now it takes care of a lot of the known items."

????So don't uninstall just yet.