12 Things You Probably Didn’t Know About Online Security

At the RSA Conference in San Francisco last week, I had the opportunity to sit down with Stephen Cobb, a renowned cybersecurity researcher from ESET, a global IT security company. Our conversation explored the evolving threat landscape, from mobile malware to the nuanced role of controlled digital ecosystems—or “walled gardens”—in fortifying device security. What emerged was a compelling look at both the challenges and surprising truths shaping today’s cybersecurity environment.

We covered a range of insights that shed light on industry practices, emerging threats, and what organizations and everyday users need to know. To make these insights more accessible, I’ve outlined the key takeaways below. Whether you’re evaluating antivirus software, managing enterprise network security, or simply concerned about data protection, you’ll find relevant and perhaps unexpected information here.

12 Surprising Truths About Online Security

  1. Big Data has long powered cybersecurity—before it had a name. Long before “Big Data” became a buzzword, antivirus companies were using advanced traffic analysis, code sharing, and threat intelligence collaboration to identify and mitigate cyber threats. These practices—now framed as real-time behavioral analytics and cloud-based threat modeling—form the backbone of modern malware detection.
  2. Co-opetition drives the antivirus ecosystem. Since the 1980s, competing antivirus vendors have shared threat data to protect users more effectively. By exchanging virus signatures, malware indicators, and real-time telemetry, they’ve built a collaborative defense model that still underpins endpoint protection platforms today.
  3. Web browsers quietly form a frontline malware defense. Major browsers—Chrome, Firefox, Edge, and Safari—participate in joint efforts to flag malicious URLs. When high-profile breaches occur, such as the NBC malware incident, shared threat databases allow for rapid, cross-browser blocking. This shared URL reputation system plays a key role in secure web gateways and browser isolation technologies.
  4. Data localization challenges complicate cloud security. As workloads migrate to the cloud, pinpointing the physical location of sensitive data becomes more difficult. Today’s cloud environments often span multiple data centers across continents, making data governance, compliance, and breach response more complex. Attackers are increasingly exploiting this uncertainty to conceal payloads and pivot laterally through hybrid networks.
  5. Low-hanging targets remain the easiest—and most common—marks. Despite media focus on high-profile breaches, many cybercriminals continue targeting small businesses and unsecured endpoints due to their weak security posture. Cobb emphasizes that attackers don’t need zero-day exploits when exposed credentials and misconfigured systems are still rampant.
  6. Credential theft remains the top attack vector. Around 80% of successful intrusions stem from weak, reused, or compromised passwords. From brute-force attacks to phishing campaigns and credential stuffing, password security is still a glaring vulnerability in both personal and enterprise cybersecurity strategies.
  7. Signature-based detection is obsolete—but not irrelevant. Contrary to common belief, modern antivirus software no longer leans on signatures alone; it relies heavily on heuristic and behavior-based detection. AI-powered engines now identify malware based on file behavior, API calls, and sandbox testing—providing proactive protection even against previously unknown threats, while signatures still give a cheap, definitive match for known samples.
  8. “No antivirus” is not a security strategy—it’s a gamble. While experienced users may think they can operate without endpoint protection, Cobb argues this mindset is shortsighted. Cyber threats evolve rapidly, and even savvy users can fall victim to zero-day exploits, watering hole attacks, or supply chain compromises. Would you tell your family to browse without protection?
  9. Spam is invisible—but still pervasive and resource-draining. You may not see it, but spam filtering consumes massive backend infrastructure. Advanced filtering engines embedded in email gateways and network security appliances block billions of spam messages daily, reducing phishing risk and maintaining email integrity.
  10. Security features are increasingly embedded by default. Cybersecurity is becoming more seamless. Anti-spam, firewalls, and antivirus tools are now integrated into operating systems and default network configurations. This shift reflects a broader trend toward Zero Trust architecture and secure-by-design principles.
  11. 64-bit systems offer a defensive edge—at least for now. Writing malware for 64-bit environments requires more sophisticated coding and bypass techniques. This additional complexity creates a temporary advantage for users running newer architectures, though attackers are catching up quickly with polymorphic malware and cross-platform exploits.
  12. Cybercrime is global—and more profit-driven than ever. While domestic hacking activity in the U.S. may have declined, international cybercrime rings are escalating their efforts. Motivated by financial gain rather than mischief, today’s hackers leverage ransomware-as-a-service, crypto theft, and deepfakes to monetize breaches. The threat landscape has shifted from disruption to extraction.