Perhaps a better measure of the threat posed by malicious programs is the percentage of samples that can bypass the protections of security software. Critics of antivirus software frequently point to dismal numbers on VirusTotal as proof that the software is failing. But the testing of security products rarely tests all of their capabilities, so automated testing such as VirusTotal does not give a perfect picture of the effectiveness of defenses.
A second measure may be the increase in workload for antivirus firms over time. Yet, that is also a complex situation to measure. While security firms are hiring more analysts, they are also improving their automated analysis systems and moving their infrastructures to the cloud. McAfee estimates that only 5 percent of malware need to be seen by an analyst.
"The analysts only want to handle the 5 percent that was not handled by automation," says David Marcus, security research and communications manager for McAfee. "To keep up with the other 95 percent, we have to continually improve our back-end systems."
In the end, the proliferation of malware variants should not, by itself, be considered a threat. The security industry needs to find better measures of how the increase impacts users' efforts to remain secure.