Anti-virus software is not good enough to proect organisations from cybercriminals/
Common anti-virus products are detecting only between 75% and 95% of malware, Felix Freiling, professor at the University of Mannheim told the ISSE 2009 security conference in The Hague.
AV producers should be co-operating more openly with academic researchers about what they are doing to tackle increasingly sophisticated forms of malware, he said.
The second basic problem is the poor quality of software code that is still full of security vulnerabilities.
This is not only operating systems, but also applications that load and process data, said Freiling.
The third basic problem is that end users do not take security seriously. They cant be bothered to use IT systems in a secure manner, he said.
These areas need to be improved, as malware is getting increasingly powerful and at the same time much harder to detect, said Freiling.
Cybercriminals are hiding malware through using encryption and other techniques and tapping into the power of networks of millions of hijacked computers to carry out attacks, he said.
Rolf Strehle, chief information security officer at German manufacturing firm Voith, said he had tackled the problem by developing a network anomaly detection tool in-house.
Since introducing the system over four years ago, Strehle said his security team had been able to identify and block a large number of threats that by-passed commercial products.
In this way we have also been able to detect malware attacks specifically targeted at Voiths research department, he said.
The system uses multiple sensors that scan for anomalies that are checked manually by a team of 12 system monitors.
There is no product on the market that could provide us this level of protection, Strehle said.