Sometimes the insight is deeply hidden in the lack of insight. Remember my “Survey on Anti-malware Effectiveness Perception”? I asked one question: What percentage of incoming malware do you think is caught by traditional anti-malware products at a typical organization?
Here is what I got:
An utter mess, as a statistician would say! Compare to my other survey which came out nice and clean.
Here it is with cumulative counts (0-10%,0-20%,0-30%, etc):
Just as big of a mess…
What can we learn form this?
- We have no idea whether AV works or not. None whatsoever! Nada! Zilch! Nul!
Let’s do some “big data analytics” on this survey (after all, 68 responses is BIG DATA…right?!). Specifically, we’ll use an advanced analytic algorithm of addition (ZOMG! A math wizard…run…run!) and add up the numbers in the 0-50% range and those in the 50-100% range. If you do that, the sheer force of irony may strike you dead:
- 0%-50% of malware is caught by AV: 50% of all survey votes
- 50%-100% of malware is caught by AV: 50% of all survey votes
Previous surveys and results: