By: David Norfolk, Practice Leader - Development, Bloor Research
Published: 11th July 2013
Copyright Bloor Research © 2013
I like antipatterns - they're more common and you can learn more from them than from most anodyne 'success stories'. In a past life, I was in internal control in a big merchant bank, and I well remember trying to convince people that security was a 'people issue' rather than a technology one.
So I was tickled by an almost laughable farrago of overreaction, reported here, around responding to a possible malware threat, where the response probably did more damage than the malware ever could.
To my mind, controlling the malware threat is a business-continuity thing involving people, process and technology; and you have put at least as much effort into planning (and testing, or simulation-testing) your response process, and into managing the (possibly dysfunctional and panic-based) reactions of your people, as you do into buying clever technology to detect malware. And your response should be planned in advance, not thrown together in a panic when you get a threat warning.
We automatically stop accepting comments 180 days after a post is published. If you would like to know more about this subject, please contact us and we'll try to help.
Published by: electronicdawn Ltd.