Sometimes the insight is deeply hidden in the lack of insight. Remember my “Survey on Anti-malware Effectiveness Perception”? I asked one question: What percentage of incoming malware do you think is caught by traditional anti-malware products at a typical organization?
Here is what I got:
An utter mess, as a statistician would say! Compare to my other survey which came out nice and clean.
Here it is with cumulative counts (0-10%,0-20%,0-30%, etc):
Just as big of a mess…
What can we learn form this?
- We have no idea whether AV works or not. None whatsoever! Nada! Zilch! Nul!
Let’s do some “big data analytics” on this survey (after all, 68 responses is BIG DATA…right?!). Specifically, we’ll use an advanced analytic algorithm of addition (ZOMG! A math wizard…run…run!) and add up the numbers in the 0-50% range and those in the 50-100% range. If you do that, the sheer force of irony may strike you dead:
- 0%-50% of malware is caught by AV: 50% of all survey votes
- 50%-100% of malware is caught by AV: 50% of all survey votes
Previous surveys and results:
- Survey on Anti-malware Effectiveness Perception
- Survey: How Many Security Incidents Have You Had Over the Last 12 Months?
- Security Incident Response Survey Results
Read Complimentary Relevant Research
Security Monitoring and Operations Primer for 2017
Security monitoring and operations excellence is a key component of any effective security program. Gartner's 2017 research will guide...
View Relevant Webinars
Equip Your IAM Risk-Based Planning With a Comprehensive Risk Model
Assessment of more than 50 large IAM deployments have shown suboptimal IAM solutions with arbitrary priorities, missing time and budget...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.