Syda Productions - stock.adobe.c

The Security Interviews: Can AV go from dodgy scareware to cyber hero?

Alun Baker, CEO of Clario, is on a mission to rehabilitate the image of consumer security products and take the fear out of selling antivirus. We find out how things are changing

Until recently, if you told a security professional you were protecting your Mac with a piece of antivirus software called MacKeeper, they would probably have told you to delete it from your machine immediately – and with good reason.

Although built with the best of intentions, MacKeeper – which was developed and sold by a company called Zeobits and later sold on to a company called Kromtech – suffered from a host of problems.

Reviewers tended to question its effectiveness or necessity, and accused it of exploiting fear, uncertainty and doubt among Mac users, while users complained of aggressive and misleading advertising and affiliate marketing practices.

At one point, Kromtech even faced a class action lawsuit from disgruntled customers who alleged they had been conned into paying for unneeded fixes, while threat researchers branded the product a potentially unwanted application, or PUA – a small step from malware.

Kromtech’s and MacKeeper’s reputation was at rock bottom, but now a new owner is set on changing this, and he fancies a shot at changing the face of the consumer security industry as well.

About 18 months ago, Alun Baker, a specialist in restructuring B2C and B2B tech companies to prepare them for M&A, growth or exit, was approached to look at Kromtech and, in his words, to see what he could do in terms of taking the firm on a “transformation journey”. He was perhaps not entirely surprised by what he found.

“Let those without sin cast the first stone in the [cyber security] industry, because it was notorious,” he tells Computer Weekly. “And I think it did what everybody else did in the market – the product was downloaded onto people’s laptops and devices without them being aware of what they’d downloaded. That was just something that you saw, and frankly you still see a lot of sharp practices like this.”

However, with a practised eye for growth opportunities, it rapidly became clear to Baker not only that Kromtech and MacKeeper were worth saving, but that the fundamentals of the underlying business were ripe for transformation. He set up Clario to take on the task.

“I just saw this most incredible situation,” he says. “The security market is so open to being disrupted for one simple reason – everybody in this sector is at least 10 years old and they’re coming at this from antivirus as the core starting point for solving a problem.”

The antivirus problem

“The stats show that cyber crime is out of control, it’s going to go from three to six trillion dollars over the next two years and it’s growing at 34% a year. So whatever anyone is doing is fundamentally failing,” Baker adds.

Baker believes the security industry’s core problem stems from these overtly aggressive sales and marketing tactics that rely on sowing fear, uncertainty and doubt among end-users, and on the off-chance that the message gets through to consumers, all they hear is off-putting technical jargon and all they see is big red Xs and messages like “VIRUS ALERT”.

“That’s my favourite one,” he says. “How many of us have sat in front of a computer and it’s said ‘I’ve scanned your hard drive and found 10 viruses’? And mostly, we simply don’t engage in that, we switch off from it. We might not even trust the results. Consumers see something they are not that familiar with, and therefore not that engaged with, and so they really don’t understand the size of the problem.”

Then there is the troubling persistence of the term “virus”. The average consumer will certainly have heard of computer viruses, but would probably be hard-pressed to explain what they are. Many people are only really concerned about them because the only security lesson they have ever absorbed is that they should be concerned about them.

And that’s before we have even begun to consider cyber security threats that are not viruses.

“Antivirus is a device-centric approach to cyber security, and that’s a fraction of the percentage of the threat,” says Baker. “Most threats come from other things, like malware, from people phishing on websites, from MageCart. It’s got nothing to do with your device.”

So why has the antivirus message been so persistent? Baker reckons it’s because antivirus products have come to be seen as something that everybody should have as a basic piece of housekeeping, whether as a paid-for product or as a free version – and the free version is almost certainly selling your data, as users of Avast recently found to their cost.

Essentially, he says, treating antivirus as a tick-box exercise has made consumers dangerously complacent about cyber security.

“If you think about it, how many people feel affectionately about antivirus?” says Baker. “What we are doing with Clario is building a product that is engaging and makes you want to participate in your personal cyber security and protection and protect your privacy.

“We see so many headlines: I’m being tracked, my data is being sold, somebody has lost my data. What does that mean? I don’t see any solutions and I see consumers are pretty much ambivalent, simply because they’re confused.”

Digital lifestyle

The goal of Clario’s new, eponymously named, product is to take on this challenge, and change consumer from a staid, device-centric model to a digital lifestyle choice that empowers and, crucially, informs the end-user about what is going on.

“If you look at some of the really interesting disruptors in the digital market, like Airbnb, Monzo or Uber, they took traditional, old-fashioned principles and applied amazing user experiences and interfaces,” says Baker.

“So this is what I looked at. I asked, what if we could create a tone of voice that consumers truly understood, that was engaging, that educated them in security processes, and that made it simple for them to protect themselves.”

In practice, this means not talking about giving you protection against malware, phishing, data leaks, and so on, but rather talking about protecting your identity, your data, your device and your money.

These areas are all highlighted on Clario’s dashboard, from where users will be able to access simple, buzzword-free, high-level information about the things they should be concerned about, while at the back end, automated security protections guard against threats. Baker says it is an engaging and simple user interface that doesn’t overcomplicate security.

Read more from The Security Interviews series

“When we notify you, you will get a message and it will say there have been two attempts on your router, but don’t worry, it’s all sorted,” he says. “That’s all you get from us – you won’t get a spinning wheel saying you need to run your antivirus.

“People don’t want any more than that. If you want to drill down into what happened, you can in the software, but that’s for people who are much more technical and really want to immerse themselves in it. We don’t want you to feel you have to do that, because you haven’t got time. This is your digital life, it’s fast-paced, and it should be absolutely as safe as it can be.

“What we’re also doing, which is very important, is scanning the dark web for your email and password combinations and any time we see it come up on the dark web, we’ll send you a notification to tell you we have just noticed this, you need to pay attention to the following things, and here’s our advice.”

The service is also constantly learning about its users’ day-to-day online behaviour to tailor itself better. If, for example, the user has a habit of frequently connecting to public Wi-Fi hotspots, Clario will simply activate its on-board VPN and tell the user it has taken this step, and how to change their settings if they wish.

If all else fails, or Clario comes up against a problem that it can’t fix on its own, users will be directed to make an appointment with one of its 600 technical experts, who can either fix the issue themselves, or walk the user through the process.

“I wanted to make this something users want to get engaged in, and they find it as intuitive and as desirable as possible,” says Baker.

Zero to hero?

But beyond developing Clario as a means to take on the task of changing the look, feel and focus of consumer security products, what of the legacy problem app, MacKeeper? The Clario team has been hard at work here too, rehabilitating the old product by going back to that idea of flashing pop-up warnings and big red Xs.

Then, Baker took a sledgehammer to the MacKeeper product, eliminating hundreds of mechanisms and features, and cleaned up its act, building an entirely new version of it.

“What I’m delighted to be able to say now is that MacKeeper, today, is the only AppEsteem certified full-suite cyber product on the market,” he says. “That is so onerous, it has massive impacts on your typical conversion rates and much more, but we sacrificed everything to clean this product so that AppEsteem would certify it.

“We are now also Apple notarised. Apple had blocked MacKeeper initially because of its history, but we’ve been through a journey, explained what we’ve done, and they’ve had a really close look at what we’re doing and how we’re doing it. It’s unbelievable in many people’s eyes, but we are now Apple notarised.”

A lot of the old installs of MacKeeper are no longer active, but nevertheless Clario has embarked on an extensive upgrade campaign to get its remaining users onto the upgraded, certified product, emphasising the changes made and proving they are validated.

“We hope the MacKeeper community will stay, because the product will evolve over time, and we do have plans for it over the next 12 months,” says Baker.

Read more on Antivirus, firewall and IDS products