Antivirus Products Are Like Cold Medicine - Not A Rant

Antivirus products resemble cold medicine: established offerings have few differentiating characteristics, they treat symptoms rather than underlying problems, core technologies haven't changed dramatically, and selection is often based on brand perception rather than objective data. Marketing becomes the competitive differentiator.

The maturing antivirus industry exhibits several dynamics reminiscent of the cold medicine sector. This isn’t a criticism of antivirus products, but rather an observation that AV vendors can refine their business practices by learning from the more experienced pharmaceutical companies.

Consider the following similarities between cold medicines and antivirus products:

Cold medicine options are very similar in their ability to deal with colds (research 1, research 2). Established antivirus products have few meaningful characteristics that differentiate one tool from the other.

Cold medicines ease the symptoms of the infection, rather than attacking the underlying infection (research). Antivirus tools tackle individual malware cases, but underlying security problems remain to be resolved through other means.

The active ingredients used in cold medicines haven’t changed for many years (listing). Antivirus technologies still incorporate malware detection approaches developed a while back (though new technologies are evolving).

Consumers’ understanding of cold medicine effectiveness is based on limited personal experience and brand perception, rather than objective research. Antivirus product selection tends to follow similar subjective and brand-based criteria.

A paper by Zahra Ladh points out that during the 1980’s and 1990’s, “the pharma industry enjoyed success over an extended period achieving double-digit growth consistently. The success of the industry depended on strong R & D, the use of patents and a powerful sales force.” With the growth rate slowing down, the industry increased its investment into marketing and branding strategies.

Similarly, with the antivirus industry becoming crowded with vendors and with the standard AV products exhibiting commodity-like characteristics, the antivirus vendors are focusing on stronger branding for their products. Marketing for the mass-market is expensive, which is why large AV companies have an edge in this respect over the smaller vendors.

Understanding the similarities between antivirus products and cold medicine (and pharma) industries can help AV vendors learn from the business development and marketing approaches utilized by pharmaceutical companies. At the same time, users of antivirus products should look more closely at the effectiveness of the tools they are purchasing and should demand that the vendors provide more details about the products’ capabilities than talking using general terms like “cloud antivirus” or “most powerful solution.”

About the Author

Lenny Zeltser is a cybersecurity executive with deep technical roots, product management experience, and a business mindset. As CISO at Axonius, he leads the security and IT program, focusing on trust and growth. He is also a Faculty Fellow at SANS Institute and the creator of REMnux, a popular Linux toolkit for malware analysis. Lenny shares his perspectives on security leadership and technology at zeltser.com.

Learn more →