Speaking at the Kiwicon hacking conference in Wellington, New Zealand, Google senior security engineer Darren Bilby has asked fellow hackers to expend less effort on tools like antivirus and intrusion detection and instead focus on more meaningful defenses such as whitelisting applications.
Telling users not to click on phishing links and to download strange executables effectively shifts blame to them and away from those who manufactured hardware and software that is not secure enough to be used online.
“We need to stop investing in those things we have shown do not work. And sure you are going to have to spend some time on things like intrusion detection systems because that’s what the industry has decided is the plan, but allocate some time to working on things that actually genuinely help. […] Antivirus does some useful things, but in reality it is more like a canary in the coal mine. It is worse than that. It’s like we are standing around the dead canary saying ‘Thank god it inhaled all the poisonous gas’,” he said.
You can read more at https://goo.gl/AafpsF.