Symantec says antivirus software 'is dead'

The company takes the unusual step of declaring one of its major business lines obsolete.

By MSN Money Partner May 5, 2014 3:41PM
Image: Man with laptop © Comstock Images/JupiterimagesBy Danny Yadron, The Wall Street Journal

Symantec (SYMC) invented commercial antivirus software to protect computers from hackers a quarter-century ago. Now the company says such tactics are doomed to failure.

Antivirus "is dead," says Brian Dye, Symantec's senior vice president for information security. "We don't think of antivirus as a moneymaker in any way."

Antivirus products aim to prevent hackers from getting into a computer. But hackers often get in anyway these days. So Mr. Dye is leading a reinvention effort at Symantec that reflects a broader shift in the $70 billion a year cybersecurity industry.

Rather than fighting to keep the bad guys out, new technologies from an array of companies assume hackers get in so aim to spot them and minimize the damage.

Network-equipment maker Juniper Networks (JNPR) wants customers to place fake data inside their firewalls to distract hackers. Shape Security Inc., a Silicon Valley startup, assumes that hackers will steal passwords and credit-card numbers so seeks to make it difficult to use the pilfered information.

FireEye (FEYE) created technology that scans networks for malicious-looking computer code that made it past the first line of defense. FireEye recently paid $1 billion for Mandiant, a small firm led by former Air Force investigators who act like cyber-Ghostbusters after a data breach.

Symantec seeks to join the fray this week. It is creating its own response team to help hacked businesses. Within six months, the Mountain View, Calif., company plans to sell intelligence briefings on specific threats so clients can learn not just that they are getting hacked, but why as well. Symantec also is developing technology to look for more-advanced malicious software inside a network that mimics offerings from its rivals.

The company needs a turnaround. Revenue fell in each of the past two quarters, though profit rose because of cost cuts. The company, which reports earnings Thursday, forecast revenue of $1.62 billion to $1.66 billion for the quarter through March, down at least 5 percent from a year earlier. The company in March fired Chief Executive Steve Bennett, the second time in two years it had ousted a CEO.

Mr. Dye, who has spent more than a decade with Symantec, says it was galling to watch other security companies surge ahead. "It's one thing to sit there and get frustrated," he says. "It's another thing to act on it, go get your act together and go play the game you should have been playing in the first place."

Symantec pioneered computer security with its antivirus software in the late 1980s. The technology keeps hackers out by checking against a list of malicious code spotted on computers. Think of it as an immune system for machines.

But hackers increasingly use novel bugs. Mr. Dye estimates antivirus now catches just 45 percent of cyberattacks.

That puts Symantec in a pickle. Antivirus and other products that run on individual devices still account for more than 40 percent of the company's revenue. Specialized cybersecurity services for businesses account for less than one-fifth of revenue and generate smaller profit margins. It would be impractical, if not impossible, to sell such services to individual consumers.

Ted Schlein, who helped create Symantec's first antivirus product, describes such software as "necessary but insufficient." As a partner at venture-capital firm Kleiner Perkins Caufield & Byers, Mr. Schlein invests in new cybersecurity companies that compete with Symantec.

Mr. Dye says Symantec's Norton security suite has evolved beyond antivirus software and already looks for suspicious activity that may come from previously unseen viruses. It also includes, among other things, a password manager, a spam blocker and a tool that scans a user's Facebook feed to guard against dangerous links.

The company has no plans to abandon Norton but will find revenue growth in its new product lines, he says. "If customers are shifting from protect to detect and respond, the growth is going to come from detect and respond," Mr. Dye says.

Other traditional antivirus makers such as McAfee, Intel's (INTC) security unit, have moved in the same direction. Michael Fey, McAfee's chief technology officer, says there is typically a two- to three-year lag on developing the technology Symantec seeks to create. "They haven't been part of the thought-leader group for some time," Mr. Fey says.

International Business Machine (IBM) on Monday plans to unveil its own security suite that looks for irregular behavior in computer networks.

If Symantec has an opening, it is that no security company has determined how consistently to defeat the most ambitious hackers from China, Iran and the former Soviet bloc. Hackers linked to Iran last spring breached the digital perimeters of energy companies and one of the U.S.'s five biggest banks but were caught before moving further into the systems. The incidents were notable because the two industries have among the best private-sector cyberdefenses.

Cybersecurity firms also want to help discern the most serious threats from the less serious. Before Target Corp. (TGT) was breached last year, FireEye security equipment alerted the retailer to suspicious activity. But the company decided it didn't require follow up. Former Target employees say the team lacked the resources to pursue all threats.

"What do we do with all the things that we're 60 percent sure are a problem?" Mr. Dye says. Analysts say Symantec's software runs on so many machines that it may be able provide more guidance on which hackers can be ignored and which are truly a problem.

—Spencer Ante contributed to this article.

More from The Wall Street Journal

May 5, 2014 4:56PM

Find the hackers and give them 20 years minimum. No plea agreements, no if ands or buts. And remind them that they're going to be someone's girl friend for 20 years or more.

May 5, 2014 4:06PM
My experience with Norton is it's more intrusive than the hackers! And customer service? Good luck with that.
May 5, 2014 5:40PM
I'm working on the anti-anti-virus. Hack me and you will be pinged back with a dissolving program. Your computer will freeze, your phone will die, and your toilet will flush automatically every two minutes.
May 5, 2014 4:46PM
Its really sick when they make us do everything on computers these days and now everything we do and everything we are is available to every low life scumbag hacker in the world. Some jerk in Eastern Europe can drain your bank accout in a minute.  Why even bother having passwords since hackers know what they are the minute you change them. I don't do online banking or bill paying and keep my money in at least 4 different banks, in case their systems are compromised. I would hope all the banks systems wouldn't be compromised at the same time. I check all my bank statements and report any mis-use and place a claim. I was involved in that Target breach. My card was not used but I went to my bank and changed the card right away. I don't trust anything done by a computer as far as I can throw the thing. I assume everyone sees everything I do and if my camera is pointed to where it can see anything they are probably seeing that too.      
May 5, 2014 5:55PM
Norton, McAfee and other bloated security software cause more problems than they solve, attempting to monitor firewalls, email clients and other software while also offering registry cleaners, free space wipers, etc, etc, etc, causing freezes, shutdowns, black screens, blue screens and many other problems. They aren't worth the money and as far as I'm concerned they're worse than the malware they are supposed to protect you from. Their technical support amounts to "uninstall and reinstall your operating system. Our product cannot be causing the problems you are experiencing."
May 5, 2014 6:05PM
First Symantec offered Antivirus programs with "unlimited" updates.  Then it started charging an annual fee for its updates.  In the meantime, other, "freeware/shareware" companies offered similar products that worked better and ate up less of your computer's resources.  But, it still looks like Symantec is making a bundle on its products.

What the technogeeks should be working on, instead of "defenses" for your computer, they should be working on "source-seeking and eradication" software that immediately identifies the source of malicious codes and zaps them at the source and immediately identifies the origin and reports it to internet cops who can surgically isolate the hacker(s) if not catching them red-handed for prosecution.  That would put a halt to the lucrative hacker dirge that is flooding the internet.  If it is no longer a low-risk, lucrative enterprise, they will stop - or, at least slow down.  If nothing else, it will make their efforts so difficult, it just won't be worth it.  But then, what would companies do that make their livings providing the same old technologies?

If computer and software makers want us to buy their products, then they should be more proactive in securing their systems and software.

May 5, 2014 5:31PM
20 years is not nearly good enough...a bullet in the back of the head ..televised!!
May 5, 2014 4:17PM

NSA = Worlds Biggest Hacker


How are you gonna keep them out?

They don't even have to get in, they strong arm you data from your suppliers.

May 5, 2014 5:00PM
That's why everyone uses their work computer to surf & shop.  They assume the corporate anti hack protection is better than anything we can aford at home. 
May 5, 2014 7:08PM
 As time has gone on antivirus software has gotten more expensive and less effective. Customer service is often ineffective or worse.
May 5, 2014 5:34PM
Whose to say that the very virus companies purporting to protect us aren't the ones writing the malicious code to keep themselves in business?
May 5, 2014 6:45PM
I don't think that antivirus is worthless.
May 5, 2014 7:37PM
Norton was on the Honeymooners show. He  worked for the NY sewer department and described his job as a "Sub-supervisor in the sub-division of the department of sub-terranian sanitation".  He just kept things moving along.
May 5, 2014 7:55PM

Norton and McAfee are worthless, gave up on them years ago.

The best products are free or  have a modest charge.

Check out for yourself  products like MalwareBytes Pro, Super Anti Spyware, Hitman Pro, Avast among others. I use the first three of those in addition to Avira as my antivirus and Windows firewall. It's called the layered approach and I have no conflicts amongst the programs.

There are also free firewalls like Outpost and Online Armor.

Use common sense browsing practices and good passwords. but make them long, at least 14-15 charcters, with mix of upper and lower case, numbers, and symbols.

May 5, 2014 8:56PM
Your product is the biggest piece of junk I have ever bought. When I had your program I couldn't do anything else, the computer would often be slow to respond, and would often lock up. Glad your out of the business as you did it to yourself. What are you going to do will all the MILLIONS that you ripped from all your FORMER customers?  You are one of the biggest scams going !!!
May 5, 2014 8:49PM
I never use the computer to pay bills..... I always use the United States Postal Service.... I mail the bills out about 5 days before they are due and I never had a problem yet.   Wake up people and smell the coffee.. Postal Service has been around for over 100 years and it's cheap believe me....
May 5, 2014 4:54PM
May 5, 2014 7:09PM
When you have a country hell bent to hack your citizens and counterfeit your currency and there isn't anyways to stop them because this is backed by their government and the only way to stop it is to either go to war or stop dealing with them completely then we are screwed.  Because, we wont stop dealing with them.
May 5, 2014 5:50PM
I don't think anyone can be sure that hackers can zap them so I am slowly stopping all communication anyone who has my private information. Probably too late but the best I can do. No more bank statements, credit card checks. That's it just use the ole puter for playing games and email.
May 5, 2014 7:36PM
Symantec shot themselves in the foot when they began releasing their Endpoint product a few years ago. Prior to that you simply paid an annual fee for software and virus defs updates. All worked very well. Until Endpoint. As a network admin for over 20 years (and I actually go way back to paper tape and punchcards), Endpoint requried a significant learning curve and downtime just to install. Unless, of course, your IT budget could include an hourly rate of $150.00+ to have one of their techs connect and install for you (on your propritary corporate servers). Any application which commands this degree of outside assistance for this price point should never be considered when the ongoing concept is the same as well as (hopefully) the end result. There are many other better alternatives to Symantec and especially MacAfee.
Please help us to maintain a healthy and vibrant community by reporting any illegal or inappropriate behavior. If you believe a message violates theCode of Conductplease use this form to notify the moderators. They will investigate your report and take appropriate action. If necessary, they report all illegal activity to the proper authorities.
100 character limit
Are you sure you want to delete this comment?


Copyright © 2014 Microsoft. All rights reserved.

Fundamental company data and historical chart data provided by Morningstar Inc. Real-time index quotes and delayed quotes supplied by Morningstar Inc. Quotes delayed by up to 15 minutes, except where indicated otherwise. Fund summary, fund performance and dividend data provided by Morningstar Inc. Analyst recommendations provided by Zacks Investment Research. StockScouter data provided by Verus Analytics. IPO data provided by Hoover's Inc. Index membership data provided by Morningstar Inc.


StockScouter rates stocks from 1 to 10, with 10 being the best, using a system of advanced mathematics to determine a stock's expected risk and return. Ratings are displayed on a bell curve, meaning there will be fewer ratings of 1 and 10 and far more of 4 through 7.

123 rated 1
262 rated 2
480 rated 3
651 rated 4
649 rated 5
629 rated 6
616 rated 7
496 rated 8
346 rated 9
111 rated 10

Top Picks

TAT&T Inc9



Top Stocks provides analysis about the most noteworthy stocks in the market each day, combining some of the best content from around the MSN Money site and the rest of the Web.

Contributors include professional investors and journalists affiliated with MSN Money.

Follow us on Twitter @topstocksmsn.