PC Matic CEO Rob Cheng’s 2016 Predictions Come To Pass

PC Matic CEO, Rob Cheng, has always had his finger on the pulse of evolving cyber security technology. It’s what led him to found PC Pitstop in 1999, the company that later became PC Matic. His insights have always been ahead of his contemporaries.

Back in 2016, Mr. Cheng sat down with Bob Bragdon, publisher of CSO. For reference, “CSO is the leading information source for chief security officers (CSOs) and senior executives when making critical decisions regarding effective security and risk practices while driving business forward.”

Mr. Bragdon shared a statement made two years earlier, in 2014, by Symantec declaring antivirus to be dead. Similarly, Gardner stated that the focus should be changed from prevention to detection and response. Mr. Bragdon asked Mr. Cheng his thoughts. What followed was an insightful look at the future of ransomware. Many of Mr. Cheng’s predictions came to pass. Let’s take a look at the most important points.

Antivirus Is Dead

Rather than declare antivirus dead, Mr. Cheng suggested that we abandon the use of the blacklist. He explained the differences to Mr. Bragdon, noting that whitelist is effective prevention because it only allows through the known good. Whitelist is the only preventative measure against polymorphic viruses. Because polymorphic viruses are able to mutate, traditional antivirus, or blacklist software, was inefficient because someone would always have to be infected before that particular strain was identified and stopped.

A good deal of the apprehension toward the whitelisting approach, however, revolves around the prevalence of false positives. That, in turn, creates more work for IT staff to update and maintain the whitelist. Mr. Cheng’s answer to this was a policy still in effect at PC Matic today. Our Support Team does the work of updating and maintaining the whitelist. We also provide support to customers and IT specialists using our products. 

In the wake of the shortage of IT professionals, and the security concerns raised in the past year by businesses, this helps fill part of the gap in security. By removing the burden from an already stressed IT team, we free up their ability to monitor other security issues within their organization. It’s a win-win.

So Mr. Cheng’s comment that abandoning prevention completely would be a “misstep” was spot on. In fact, in April of 2019, the Cybersecurity & Infrastructure Security Agency (CISA) released a whitepaper with clear guidelines for ransomware prevention. The final bullet point in the prevention guidelines was to use and keep updated preventative software.

The Evolution of the Attack

When asked about his predictions, Mr. Cheng noted the rise of polymorphic ransomware. In 2016, it wasn’t that prevalent. By 2019, 93.6% of malware was polymorphic. Mr. Cheng’s foresight was spot on with the progression of ransomware.

But the evolution of the viruses wasn’t the only prediction Mr. Cheng made. He explained to Mr. Bragdon that the exploitation of vulnerabilities on the machine would go far. It hadn’t yet been used as a primary source of attack. 

While there have been other instances in the 5 years since Mr. Cheng’s prediction, the most notable, has been in the recent news. After the SolarWinds breach, ransomware attacks have exploded. On March 11th 2021, Microsoft disclosed the Microsoft Exchange vulnerabilities were being used to facilitate ransomware attacks.

Right in line with Mr. Cheng’s predictions, one of the largest software giants on the planet was compromised via an exploitation of vulnerabilities.

Where Security Is Needed

Mr. Cheng was passionate about the need for endpoint security. “Technology is so embedded in everything we do,” Mr. Cheng says, noting that everything from schools to hospitals to government are all reliant on their endpoints. Indeed, these have all made news in the past year for continual security breaches.

To his point, 70% of successful attacks in 2019 originated on the endpoint. So the suggestion of focusing less on endpoint security by both Symantec and Gardner was not only misplaced, but also a dangerous lack of foresight. Endpoint security is more crucial than ever.

The Cost of Ransomware

At the time of the 2016 interview, the numbers for ransomware in 2015 were in. The FBI stated that the total cost for that year was around $20 million. Acer computer manufacturer was hit in March of 2021 with a single ransom of $50 million which was double that of the 2015 overall total for all ransomware. By the end of 2021, 6 years later, the estimated yearly cost of ransomware will be over $20 billion

But monetary values aren’t the only costs of ransomware. As we outlined, in our Work From Home report, there are business and human costs associated with ransomware as well. Prevention is a key part of minimalizing the effects it has on real people.

As we look to the future of ransomware, we can only speculate where it will go. We can guess, however, that Mr. Cheng has a pretty good idea of what that future looks like. Let’s make sure we’re listening.

Watch the full interview below.

 1,815 total views,  9 views today

(Visited 1 times, 1 visits today)

6 thoughts on “PC Matic CEO Rob Cheng’s 2016 Predictions Come To Pass

  1. My older brother told me about pc matic, he worked writing programs for a large corporation at the time. He said he used it and never had a problem. I figured good for him good for me, i have had it since 2016 never had a problem

  2. I have had PC for two years then 4/08/19 I needed a new computer I was told in order to make my warranty good had to have the there virus covered my new hp pavilion had it almost a year before my subscription was over got hacked took it back to get it fixed then installed P.C. Matic. going on year two now working great

  3. I’ve had PCMatic now for over 5 years!! Before I bought PCMatic i was getting hacked on a regular basis. It’s now over 5 years and i have not been hacked or had ransomware try to disrupt my lifestyle financially. Thank you PCMatic and staff for always being there and protecting me and my family.

  4. Thank you, Mr. Cheng. I now understand what white list means. I still don’t use my credit card and order on the internet. If I see something I want, there has to be a phone number on the page. Clothing: I copy the style # and price, and phone #. I haven’t had trouble that way. No phone #, I don’t buy the item!! I’ve had PCMatic two years now and am very satisfied.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.