A malware antipattern

David Norfolk

Written By:
Published: 11th July, 2013
Content Copyright © 2013 Bloor. All Rights Reserved.

I like antipatterns - they're more common and you can learn more from them than from most anodyne 'success stories'. In a past life, I was in internal control in a big merchant bank, and I well remember trying to convince people that security was a 'people issue' rather than a technology one.

So I was tickled by an almost laughable farrago of overreaction, reported here, around responding to a possible malware threat, where the response probably did more damage than the malware ever could. 

To my mind, controlling the malware threat is a business-continuity thing involving people, process and technology; and you have put at least as much effort into planning (and testing, or simulation-testing) your response process, and into managing the (possibly dysfunctional and panic-based) reactions of your people, as you do into buying clever technology to detect malware. And your response should be planned in advance, not thrown together in a panic when you get a threat warning.

 

Post a comment?

We welcome constructive criticism on all of our published content. Your name will be published against this comment after it has been moderated. We reserve the right to contact you by email if needed.

If you don't want to see the security question, please register and login.