In June, the United States Department of Commerce made headlines by announcing a ban on Kaspersky software. According to a report by Lance Whitney of ZDNET, starting from September 29, Kaspersky will no longer be able to provide antivirus signature updates or code updates for its banned products to customers within the United States.
The news of the ban was shocking to many, raising the question—are people still paying for third-party Antivirus Subscriptions in 2024?
Antivirus Software: A Dying Market?
Surprisingly, many still do. However, finding reliable data on the current antivirus software market is challenging. Most of the available information comes from the developers of these software products, casting doubt on its reliability.
Antivirus Usage Statistics
A recent survey conducted by Security.org offers some insight into the U.S. antivirus market. The survey reveals that around 54% of Americans rely on the default virus protection that comes pre-installed on their devices, while 46% opt for third-party antivirus solutions. However, only about half of these third-party users (33 million households) actually pay for their software. Norton and McAfee dominate the market, accounting for 52% of paying customers, while Kaspersky trails with a mere 4% share. If these figures are accurate, approximately 1.3 million Americans may soon be demanding refunds from Kaspersky.
One notable detail from the survey is the demographic divide: Older Americans, particularly those over 65, are significantly more likely to pay for third-party antivirus software compared to their younger counterparts under 45. Many older adults still cling to these programs for the same reason they continue to use checkbooks—it’s familiar and comforting.
Unfortunately, this comfort comes at a financial cost.
Protecting Your Devices in 2024: What’s the Best Approach?
Regardless of the device—be it mobile (iOS or Android), Mac, or Windows—you’re likely well-protected with the default security measures that come built into the platform. For instance, on mobile devices, app stores managed by the operating system developers offer robust security. Apple’s XProtect antimalware technology has been safeguarding Macs for over a decade, effectively neutralizing mainstream threats. Meanwhile, Microsoft Defender Antivirus—included with every Windows PC—has consistently scored between 99% and 100% in third-party lab tests, making it as effective as most paid alternatives.
Why Antivirus Subscriptions in 2024 are not needed
The necessity for third-party antivirus software has dramatically declined since the early 2000s, a time when the Windows PC landscape was fraught with vulnerabilities. Back then, malware frequently spread through email attachments or over networks, but those vectors are now largely neutralized. Automatic updates protect against newly discovered vulnerabilities, modern email clients block executable file attachments, and network firewalls are vastly improved compared to their 2002 counterparts.
Recent testing has shown that Microsoft Defender effectively blocks the most popular ransomware and info-stealing attacks. On average, modern antivirus apps intercept 99.2% of the few threats that bypass other layers of protection. Ultimately, your instincts—like avoiding suspicious links—are also an effective line of defense. This evolution in security is why consumer PCs are no longer prime targets for criminal gangs.
Who Are the Real Targets?
Today’s cybercriminals primarily target businesses, exploiting vulnerabilities in third-party software rather than operating systems. For example, Russian hackers used SolarWinds management software to breach Microsoft and other high-value targets. Similarly, the widely used app MOVEit, developed by Progress Software, was compromised in a breach that affected thousands of major companies and government agencies last year, with a new vulnerability reported in June. Victims included Shell, British Airways, the BBC, and the Canadian province of Nova Scotia—not individual PC users.
These sophisticated attacks require advanced network-based software that allows IT departments to monitor for intrusions in real-time. For individual users, default security measures are typically sufficient since determined attackers see little financial gain in targeting smaller, less valuable prey.