
Anti-Virus is No Longer Effective as a First-Line Defence

Now please note that the title says "as a First-Line Defence", i.e. you still need these technologies, but they aren’t working as effectively as they used to.

For example, a delegate at John Stewart’s keynote speech challenged John about his thoughts on the effectiveness of virus checkers, noting that virus checkers had actually got better, working up to 98% effectiveness in detecting malware.

However, the point was that even 99% effectiveness is bad news when thousands upon thousands of pieces of malware are being created monthly.

If we assume 1000 pieces of malware are created, then the 1% that escapes detection is equivalent to ten pieces of malware that have got through our defences, with the implication that our systems would have been hit ten times.

All it takes is for the malware to increase to 10,000 new pieces and we have 100 new infections, assuming our virus checker is 99% effective.

If it gets as bad as some predict, i.e. up to 100,000 pieces of malware produced monthly, then our 99% effective virus checker will let through 1000 pieces.

Obviously some of these figures are theoretical but I think you get the point about the effectiveness as a first line of defence. Sites such as and Cisco’s can help with gaining daily assessments of the current cyber threat levels.

You may also be interested to read the following blog post from Alex Eckelberry of Sunbelt Software, and syndicated by, where he stated in January 2008 that they are currently processing gigabytes of malware daily.