According to one leading company, antivirus software had a good run.

But Brian Dye, senior vice president for information security at Symantec, recently told the Wall Street Journal that as a product, the software is “dead.”

That’s not to say the company that first brought antivirus software to the masses is giving up on trying to prevent malicious online activity. Instead, Symantec will shift its focus away from preventing attacks and toward minimizing the damage and tracing the source.

After all, when 55 percent of cyberattacks go undetected by commercial software, as Dye points out, there’s a clear problem with the cybersecurity paradigm.

And the risk to smaller organizations is greater than ever before, as highlighted by a report Symantec released this year on internet security threats.

In 2013, 61 percent of spear-phishing attacks—intrusions meant to use personalized information against particular individuals in an organization—targeted those with fewer than 2,500 employees. Thirty percent were aimed at groups with 250 employees or fewer.

Everyone’s a Target

Just because your association is small doesn’t mean it won’t be targeted or that it can’t be used as a stepping stone to a larger group’s data.

“Today’s AV [antivirus] model makes everyone a sacrificial lamb,” cybersecurity firm FireEye said in a report following Dye’s remarks.

A competing cybersecurity platform, FireEye focuses on creating a comprehensive map of where the malicious intrusion took place, what data was breached, and where the attack originated, in addition to blocking the attack outright.

Symantec’s Future

Symantec holds 8 percent of the world’s antivirus market share and draws 40 percent of its revenues from its antivirus offerings, according to a survey by software company OPSWAT. But the business has undergone its fair share of turbulence. Former CEO Steve Bennett was forced out earlier this year, and investors are waiting on Thursday’s earnings call to get an update on the company’s recent financial performance.

But as Dye made clear to the Journal, Symantec will be shifting toward cybersecurity products that fall more in line with FireEye’s offerings.

For association IT professionals, Symantec’s readiness to switch to a more reactive philosophy should signal that perhaps it’s time to reevaluate whether placing antivirus software suites on employee computers is sufficient in today’s environment.

Could treating software like Symantec’s as a one-size-fits-all solution lead to problems? Tell us your thoughts in the comments.

(Symantec)