It seems ever since I wrote my paper The Malware Threat Businesses are Ignoring and How Damballa Failsafe Fits In I’m seeing more and more vendors jump on the bandwagon. Today’s malware impacts everything from the network infrastructure to the endpoint and everyone wants a piece of the pie. I know the market is growing so I can’t blame people for wanting to capitalize on the opportunity.
Vendors aside, what is it that you as an IT professional need to be doing about the threat outside your network and the vulnerabilities inside your network? Being an independent information security consultant and seeing things from an outsider’s perspective, it’s clear to me that most IT shops are, in a grand way, woefully unprepared to fight this threat…much less respond in a mature and professional fashion when a breach and subsequent outbreak occurs.
As I write this post, I’m listening to a song on satellite radio with a chorus that says “If we don’t do it, nobody else will.” Wow, that hits the nail on the head – in a spooky kind of way. Indeed, if you don’t address the advanced malware threat today, indeed, nobody else is going to. Executives on mahogany row won’t. Nor will HR. Software developers are doing their own thing. Even your compliance officer and legal counsel aren’t going to understand the real impact of advanced malware.
You, the IT/information security professional, are going to have to step up and make the case that your business can be – and quite likely is – a target. This means taking the proper steps to:
1. determine your risks
2. get management on board
3. document reasonable policies and an incident response plan
…and, most importantly (and often the missing link):
4. enforcing with the right technologies
Don’t give the bad guys a chance. Do something now. Nobody else will.
“A business associate referred our company to Principle Logic when we were seeking a resource to perform vulnerability /penetration testing for our external and internal networks. We found Kevin Beaver to be professional, well informed, and easy to work with. His testing did not disrupt our networks, and his progress updates were timely.
His final report was very thorough and included security recommendations for our network environment. The executive leadership was so impressed with Kevin’s security expertise, they have extended their agreement to continue to perform periodic testing. We highly recommend Kevin Beaver and Principle Logic as a resource for network security testing.”