What You Must Do to Combat the Malware Epidemic

 

Aug. 11, 2010

The nation’s leading Internet security expert agrees with McAfee – the antivirus firm’s 2010 Q2 report states an epidemic of malware has been unleashed on the Web – and he provides solutions.

 “The report reconfirms everything we’ve been saying since we began our blog 18 months ago. There has been a sea change in cybercrime,” writes Dr. Stan Stahl. “Threats are more sophisticated than ever, weaknesses and vulnerabilities abound. Defenses have not kept pace.”

Dr. Stahl is a principal in Citadel Information Group, and is president of the Los Angeles Chapter of the Information Systems Security Association.

“The report is a reminder to every organization to take a critical look at its defenses – everything from policies and employee awareness training to modern intrusion prevention systems,” suggests Dr. Stahl. “It needs to make sure it’s employing a cost-effective defense-in-depth strategy covering all three critical security management domains.”

He says the security-management domains include:

1. Corporate security management
2. Security management of the IT infrastructure
3. Point-in time security of the IT infrastructure

“It’s also a time to talk to your attorney and your insurance broker,” he adds. “Your attorney can make sure you’re aware of your legal responsibilities and can provide counsel on sharing sensitive information with 3rd parties. Your insurance broker can help you mitigate some of your security risk through cyber-insurance policies.”

Indeed, McAfee report does confirm what Dr. Stahl has been telling me. The malware epidemic recently prompted Microsoft to issue an emergency patch. Whatever he recommends, I strongly endorse it.

Two resource links:

• Here’s my original column about McAfee’s report – Security Firm Warns About Historic Malware Levels.
• Dr. Stahl’s Web site: www.citadel-information.com.
• His blog:blog.citadel-information.com.

From the Coach’s Corner, Dr. Stahl has often graciously responded to my requests for information since 2004. His analysis on many IT security topics – from the dangers of mobile banking to using WIFI – can be found in numerous columns here on The Biz Coach site. Simply enter his name as key words in this site’s search in the upper right corner on any these pages.