AI training for Copilot, Claude and OpenAI. Book your slot now +61 3 4803 4915Client PortalRemote Support
Belton IT Nexus
NZ AU
Contact us
01 Run

We become your IT department and own the day-to-day.

Managed IT Your whole environment, owned Managed Devices Endpoints, patched & tracked Microsoft 365 The workplace, managed Cloud & Azure Run properly, costs watched Connectivity Internet & networks that work Business VoIP Phones on any device
02 Protect

Security operations you can verify, and show.

24-Hour CyberSOC Security ops that don't clock off Identity & Access MFA enforced, takeover stopped Email Security Phishing & fraud, stopped Endpoint Protection EDR on every device Backup & Recovery Provably restorable Security Bundles Per-user, no hidden fees
03 Improve

Honest strategy, budgets you can plan around.

IT Advisory & vCIO Honest, predictable plans Compliance & Governance Audit-ready evidence Projects & Consulting Build what you can't buy Procurement Right kit, fair price, visible Licensing Right-sized, never wasted IT Asset Finance Spread the cost, monthly Data Centres & Hosting Sovereign, servers in minutes
04 Build

AI, automation and software, where they genuinely help.

AI & Copilot Rolled out so it sticks AI Training & Implementation Copilot, Claude & ChatGPT Copilot Workshops Hands-on team training Business Automation Hand work to the platform Software Development Custom builds, done properly Client Portal AI-first insights & budgets White-Label Our bench, your brand
Belton · Run / Protect / Improve / BuildView all services ›
Professional Services

Firms that run on trust, time and confidential data.

Accounting Ledgers & client data Legal Privilege & matter files Business Advisory Plans & reporting Mortgage & Finance Loan files & AML/CFT Insurance Claims & client records Insurance Brokers Cover & premiums
Built & Made

Site, studio and floor, where uptime is the product.

Construction Sites & project files Architecture Drawings & large models Quantity Surveyors Cost data & big files Manufacturing Floor & ERP uptime Healthcare Patient data & privacy
Trade, Service & Technology

Fast-moving operations that can't carry downtime.

Logistics Fleet, orders & tracking Retail & Wholesale POS & storefronts Hospitality POS, EFTPOS & guest WiFi Technology Cloud-native teams Distribution Inventory & systems General SMB Don't fit a box? Start here
Belton · Sector-specialised IT & securityAll industries ›
Guides & Frameworks

Plain-English playbooks for the controls that matter.

Essential Eight ASD's eight, explained DIY Cybersecurity Lock down the basics Cyber Standards Guide ISO, SMB1001 & more M365 Selection Guide Pick the right licences
Tools & Assessments

Self-serve checks that map where you stand.

Security Assessment Score your posture Network Assessment Find the weak spots M365 Security Checklist Find the gaps Cyber Insurance Readiness Be claim-ready
Reading & Learning

Get more from the tools you already pay for.

SME Tech Outlook 2026 Where NZ tech heads next Copilot Learning Hands-on with Copilot FAQ Straight answers CEO's Blog Plain-English views
Belton · Knowledge, not gatekeepingResource library ›
The Firm

A senior team with the skills and scale for any project.

About Belton Who we are, plainly How We Work Our delivery process Who We Work With The fit we look for Leadership Jason & Amy Agnew + team
Proof & Partners

The evidence behind the claims, and ways to build with us.

Case Studies Real outcomes, named Accreditations The proof behind the practice Industries Sector-specialised White-label / Partners Our bench, your brand
Connect

Real people, fast, no ticket-queue runaround.

Contact Us Talk to a human, today Book a Session A 90-minute discovery Find Us Newmarket, Auckland Remote Support Get help now
Belton IT Nexus · Est. 2004 · Newmarket, AucklandAbout us ›
Home/ Insights/ We've got antivirus

"We've got antivirus." Why that sentence worries me.

It is meant to be reassuring, and once upon a time it was. Today, when a business tells me their security plan is antivirus, what I hear is a business that thinks it is covered and is not. Here is why, in plain English.

Jason AgnewFounder & CEO
Jun 2026Cyber Security
5 minRead

There is a sentence I hear a lot, said with genuine confidence, that quietly worries me every time. Someone asks how a business handles its security, and the answer comes back: we've got antivirus. It is said the way you would mention you have locks on the doors, as if it settles the matter. And I understand why, because for a long time it more or less did. The trouble is that the world it made sense in has gone, and a lot of businesses have not noticed the ground shift under them.

Let me be clear about what I am not saying. I am not saying antivirus is useless, or that you should rip it out. I am saying that antivirus on its own is no longer a security plan, in the same way that a smoke alarm is a good thing to own but is not a fire safety plan. It is one part, and on its own it leaves you exposed in exactly the ways attackers now rely on.

Why antivirus stopped being enough

Traditional antivirus works by recognising things it has seen before. It carries a list of known bad software and watches for it. That was a fine approach when threats were relatively simple and slow-moving, and it still catches plenty of the old, obvious stuff, which is why it is worth keeping as a layer. But it has a fundamental limit baked into how it works: it is looking backwards, at threats that are already known.

Modern attacks are built precisely to walk past that. They use techniques that have never been seen before, so there is nothing on the list to match. They often do not use malicious software at all, instead misusing the ordinary, legitimate tools already on the machine, which antivirus has no reason to flag. And many of them are not really a piece of software to catch in the first place, they are a person, working their way in through a stolen password or a convincing email. Antivirus was never designed to see any of that, and no amount of updating changes what it is fundamentally looking for.

What modern protection actually adds

The shift that matters is from blocking known-bad files to watching behaviour and responding to it. The modern approach, often called endpoint detection and response, does not just ask "have I seen this exact threat before?" It asks "is something on this machine behaving the way an attack behaves?" That difference is everything, because it can catch a brand-new threat, or a real human intruder, by what they do rather than by recognising them in advance.

But detection is only half of it, and the half that gets overlooked is the response. It is not enough for something to notice an attack at two in the morning. Someone, or something, has to act on it immediately, isolating the affected machine and shutting the intrusion down before it spreads, because attacks do not keep office hours and a few hours' head start is all most of them need. That is the part a piece of software sitting quietly on a laptop simply cannot do on its own.

The bit that really matters: a team behind the tools

This is what I most want businesses to understand. The single biggest upgrade is not a cleverer piece of software, it is having actual people watching. A managed detection and response service means there is a security team monitoring your systems around the clock, ready to react the moment something looks wrong, at three in the morning on a Sunday just as much as on a Tuesday afternoon.

This is the gap that antivirus can never fill, no matter how good it gets, because antivirus has nobody home. When it sees something, it pops up an alert, and then it waits for a human who is asleep. A real attack exploits exactly that silence. The difference between a contained near-miss and a genuine disaster is almost always whether someone was watching and able to act in those first few minutes. We have written up the full contrast on our managed detection versus antivirus page, and the short version is this: tools find things, teams stop them.

Antivirus has nobody home. It sees something, pops up an alert, and waits for a human who is asleep. A real attack is built to exploit exactly that silence.

What cyber insurers now expect

If the security argument does not move you, the commercial one should, because it has teeth. Cyber insurance has changed sharply, and insurers have caught up with all of this faster than many businesses have. Where once a policy was straightforward to get and pay out on, insurers now ask hard questions about what protection you actually have in place, and increasingly they expect to see modern detection and response, not just traditional antivirus.

This matters in a way that can genuinely catch a business out. If you answer those questions loosely, assuming your antivirus counts, you can find yourself holding a policy that does not pay when you most need it, because the protection you claimed to have was not the protection you actually had. The gap between "we've got antivirus" and what your insurer requires is not a technicality. It is the difference between a claim that pays and one that does not. It is worth getting your cyber insurance readiness checked properly before you ever have to test it.

The simple version: antivirus is one layer, and a backward-looking one, not a security plan. Modern protection watches for how attacks behave, responds the moment they appear, and crucially has a real team behind it around the clock. It is also fast becoming what your insurer expects. If "we've got antivirus" is roughly where your business sits today, that is not a failure, it is just a good reason to take a proper look.

Our security bundles are built to close exactly this gap, layering modern detection, response and a monitoring team on top of the basics, so the sentence you can say with confidence is no longer "we've got antivirus" but "we've got someone watching." If you are not sure where you stand, that is the most useful thing to find out before an attacker finds out for you.

Jason Agnew
Jason Agnew Founder & CEO, Belton IT Nexus. Twenty-two years building specialist IT and security for New Zealand business.

Is antivirus your whole plan?
Let's find out where you stand.

We will look honestly at your current protection, tell you where the real gaps are, and show you what modern detection and a 24/7 team would actually change. No jargon, no obligation.

See security bundles Talk to a human
And relax

Getting started is the easy part.

Onboarding without drama

We do the switch: your current provider, the migration, the handover, all of it. Most teams barely notice the cutover happened.

Everything looked after

On the right plan, compliance, reporting and budgets are handled inside the partnership. You run the business; we run the IT underneath it.

Your QBR writes itself

Quarterly business reviews are generated automatically from your live environment: spend, posture, recommendations and roadmap, ready for the board, reviewed with your account manager.

The honest bit: the full looked-after experience comes with the right plan. We charge fairly for what we take on, and when costs step up it's because you are taking on more, always moving in the right direction.

Get started in 2 minutes Speak to someone
NEW ZEALAND OWNED & OPERATED EST. 2004
Sovereign by design

New Zealand owned and operated.

Sovereign data centres across New Zealand and Australia, with your data kept onshore wherever it's required. Our team understands New Zealand, and our leaders have built, scaled and secured businesses right across the New Zealand landscape.

Sovereign data centres · New Zealand & Australia
  • Auckland
  • Christchurch
  • Sydney
  • Melbourne
  • Brisbane
  • Perth
International data-centre operations
  • Singapore
  • Germany
  • Netherlands
  • USA

Servers available in minutes, not days.

Explore data centres & hosting →
Accredited partners
Microsoft Solutions Partner, Modern Work Fortinet Partner Lenovo Partner HP Partner Apple Partner APC Partner SentinelOne Partner
Book your free discovery & security session