Too often, organizations make the mistake of treating malware infections as a series of independent occurrences. Each time a malicious program is discovered, IT simply cleans up or rebuilds the affected host and then moves on with routine operational tasks. This approach doesn’t allow the enterprise to keep up with the increasingly aggressive and innovative attack tactics employed by malware authors.
Combating malware in an enterprise environment means not only locating suspicious programs on servers and workstations, but also detecting and interfering with the use of malware on the network. To win the battle for data security, enterprises must discover malware propagation attempts and contain infections before they escalate into all-encompassing pandemics.
My recent article, originally published in Campus Technology magazine, explains how to treat malware incidents as elements of a holistic security incident cycle. If this topic interests you, read the article, "4 Steps To Combat Malware Enterprise-Wide", and check out the 2-day course I teach at SANS Institute on the topic of malware combat.