Why one virus engine is not enough
Multiple virus engines are needed to reduce time lag between virus outbreak and signature update
It is a well known fact that viruses, trojan horses, worms, spam, and other forms of malware present a real threat to all modern-day organizations and affect productivity and business operations negatively. According to the 2006 FBI Crime and Security Survey, 97% of organizations have anti-virus software installed, yet 65% have been affected by a virus attack at least once during the previous 12 months. Network World cited studies that placed the cost of fighting Blaster, SoBig.F, Sober and other email viruses at $3.5 billion for US companies alone. Similarly a 2006 study by the British government found that 43% of companies in the United Kingdom were infected by viruses during 2005.
Responsible organizations agree that they need to protect their network from virus attacks by installing an email security product. Yet malicious code is becoming more sophisticated and is advanced everyday as virus writers hone their skills and sharpen their code to stay one-step ahead of virus detection methods, penetrating anti-virus and firewall solutions with alarming regularity. The success of these viruses is, to a large part, linked to the flawed logic and inherent weakness of protection strategies that are based on a single scanning engine to assess the threat of incoming files.