From Russia With Security HelpFrom Russia With Security Help

For security vendors that depend on Windows vulnerabilities to sell products, Microsoft's recent security-related acquisitions and strategy announcements threaten to reverse a trend of strong revenue growth.

The malware-plagued online world has translated to healthy sales for companies such as McAfee, Symantec, and Trend Micro and paved the way for up-and-comers like Moscow-based Kaspersky Lab. Yet despite Microsoft's growing focus on security, CEO Eugene Kaspersky thinks there will be plenty of business to go around. "Microsoft will have pre-installed protection against a lot of threats but not against all of them," he says. "In the modern Internet environment, which is very aggressive, that's not enough."

Kaspersky Lab, which boasted $27 million revenue in 2004 and 80% year-to-year growth, last week revealed plans to open an independent U.S. entity, Kaspersky Lab Inc. The company has had a presence here for years though original equipment manufacturing partners such as F-Secure Corp. and MailFrontier Inc. that use its antivirus engine in their products. Now Kaspersky sees an opportunity to directly profit from the booming antivirus and security market in the United States.

Of course, the same can be said about Microsoft. At the RSA Conference in San Francisco on Tuesday, Microsoft chairman Bill Gates reiterated his company's commitment to security as its primary focus. He pointed to Microsoft's recent acquisition of antivirus and anti-spam company Sybari Software Inc. and of anti-spyware vendor Giant Software Company late last year as indicative of his company's steps to make computing more secure. And he promised a Microsoft antivirus system for consumers by the end of the year. Yet Kaspersky contends that the Microsoft's SpyNet community, which reports malicious software so it can be blocked thereafter by Windows AntiSpyware, will only catch the most widely distributed malware. "Microsoft will protect against 80% of the outbreaks," he says. "We will protect against 99.99% of them."

Citing the arrest of more than 100 high-profile hackers internationally last year, he says cybercriminals have been moving toward smaller-scale, more-targeted attacks to avoid the attention of the FBI and other law-enforcement agencies. Such attacks, he says, won't result in enough feedback to SpyNet to trigger an immune response.

"Microsoft will be like a standard lock on a car," he says. "Usually, that's good enough. But in an aggressive environment, you install an additional alarm system."

The Kaspersky Lab alarm system appears to work well. In a February 2004 study conducted by AV-Test.org, a project of the Business-Information-Workgroup at the Institute of Technical and Business Information Systems at the Otto-von-Guericke University Magdeburg in Germany, Kaspersky Lab and BitDefender, another antivirus company, were found to have the best response time to virus outbreaks. The two delivered a protective signature in less than four hours, compared with 10 hours on average. McAfee and Symantec matched this if one counts beta virus signature releases, which Kaspersky Lab doesn't in its public-relations literature.

Kaspersky Lab also offers updates with more frequency than its competitors, some 600 each month, according to the company, compared with rates a tenth of that or less from other security software vendors. McAfee just said it would offer daily antivirus updates beginning Feb. 24. Kaspersky Lab offers them hourly.

While Gates only mentioned that Sybari's security technology would make its way into Exchange, Live Communication Server, and SharePoint, Kaspersky predicts Microsoft will add it other products in time. And that's OK with him. "We're completely satisfied with that," he says with a smile, "because Sybari uses our engine."