SophosLabs chief on lookout for hidden viruses, world's stupidest spammers

As global director of SophosLabs for the past year, Mark Harris says he has been pleasantly surprised not to have been woken up in the middle of the night every time a new virus strikes. He attributes that to the round-the-clock handoff of antivirus and antispam research and analysis work between Sophos' labs in Boston, Vancouver, Abingdon, U.K. and Sydney, Australia.

Though that's not to say there aren't things that have the potential to give the onetime McAfee executive nightmares.

Foremost is the volume of malware, which he says continues to skyrocket. He cites a security tracking firm that counts some 140 new Trojans hitting banks in Brazil each day. SophosLabs itself publishes six or seven threat updates a day, each with 10 to 20 detections.

Also worsening is the threat from applications such as Skype or instant messaging, which are legitimate programs but can be carriers of malware. Sophos pushes a concept of application control that scans for unwanted applications at the desktop in the same way it monitors for malware (Sophos also offers e-mail gateways and Web appliances). Network administrators decide which applications are and are not acceptable for their company; that lets Sophos help companies rid themselves of adware without Sophos itself having to be the one labeling an application adware or spyware, Harris says.

Rootkits might be making headlines but Harris says they can be stopped along with other threats at the scanning stage. Sophos offers free tools to detect and clean up after rootkits, he says.

"The biggest challenge we have is around the packing or hiding of viruses within compression algorithms," he says. "The vast majority of the viruses aren't new."
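The packing problem Harris describes, shown as an added illustration that is not Sophos code and says nothing about how the SophosLabs engine actually works: a toy signature scanner in Python. A flat scan that matches only the raw bytes misses a marker hidden inside a zip file that is itself gzip-compressed, because deflate encoding scatters the marker's bytes; a scanner that unpacks each compression layer before matching finds it. The signature string, the sample archive and the nesting-depth cap are all constructed here for the example.

```python
import gzip
import io
import zipfile

# Constructed test signature; stands in for a real detection pattern.
SIGNATURE = b"CONSTRUCTED-TEST-MALWARE-MARKER"


def scan_flat(data: bytes) -> bool:
    """Naive scanner: matches the signature only against the raw bytes."""
    return SIGNATURE in data


def _unpack_layer(data: bytes):
    """Yield the contents of one compression layer if data is gzip or zip;
    yield nothing for anything else (or for corrupt archives)."""
    if data[:2] == b"\x1f\x8b":  # gzip magic bytes
        try:
            yield gzip.decompress(data)
        except (OSError, EOFError):
            return
    elif zipfile.is_zipfile(io.BytesIO(data)):
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for name in zf.namelist():
                    yield zf.read(name)
        except (zipfile.BadZipFile, RuntimeError):
            return


def scan_recursive(data: bytes, max_depth: int = 8) -> bool:
    """Scanner that unpacks gzip/zip layers before matching.
    max_depth bounds the recursion so nested archives (a decompression bomb,
    or an archive-in-archive chain) cannot keep the scanner busy forever."""
    if SIGNATURE in data:
        return True
    if max_depth <= 0:
        return False
    return any(scan_recursive(inner, max_depth - 1)
               for inner in _unpack_layer(data))


def build_sample() -> bytes:
    """Constructed sample: the marker wrapped in padding, stored deflated in a
    zip archive, and the whole archive gzip-compressed (two layers)."""
    payload = b"x" * 200 + SIGNATURE + b"y" * 200
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("payload.bin", payload)
    return gzip.compress(buf.getvalue())


if __name__ == "__main__":
    sample = build_sample()
    print("flat scan:              ", scan_flat(sample))                    # False
    print("recursive scan:         ", scan_recursive(sample))               # True
    print("recursive, depth cap 1: ", scan_recursive(sample, max_depth=1))  # False
```

The depth cap matters in practice: an engine that unpacks without limit can be tied up by deeply nested archives, so real scanners bound both nesting depth and the decompressed size before they look for signatures.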

The significantly increasing number of entry points -- through mobile phones, USB keys and others -- is a huge concern for customers, though Harris says these devices aren't being abused badly by malware authors so far. "There are plenty of examples of Symbian viruses, but the number of devices is still relatively small, so the threat is too," he says. "Developing anything on Symbian is a challenge anyway." Harris advises that users of Symbian-based devices simply avoid Bluetooth broadcasting to thwart malware threats.

With Windows Mobile on the rise, Harris says the mobile malware threat could grow and Sophos has a security product in the works. He's not saying that Windows Mobile will be inherently less secure, just that it will be easier for people to develop malware on it.

Harris, by the way, dismisses conspiracy theories that most of the viruses and other malware actually come from antivirus and security companies.

"Most virus writers aren't good enough to work for us, to be honest," he says, noting that SophosLabs hires people with a mix of backgrounds. The organization has employees with degrees in everything from chemistry to psychology, and generally looks for people with great inquisitiveness and a keen interest in computers. SophosLabs has no interest in hiring people who have taken virus writing courses, he says.

While extremely busy, SophosLabs workers keep themselves amused as well. The group has an informal contest going to spot the world's dumbest spammer. Leading candidates include one rocket scientist who ran an obfuscating tool that changed Os to zeros after the hyperlink had already been put into the spam message, and another who forgot to fill in the random fields spammers use to get their messages past antispam systems.
