DS5.9 - Malicious Software Prevention, Detection and Correction

This topic is intended to enable collaboration and sharing of information to facilitate a better understanding and approach to implementing this COBIT control objective based on the risk, value and guidance provided by its corresponding control practices.

COBIT Control Objective DS5.9 - Malicious Software Prevention, Detection and Correction is contained within the process Ensure Systems Security.

Malicious Software Prevention, Detection and Correction

Put preventive, detective and corrective measures in place (especially up-to-date security patches and virus control) across the organisation to protect information systems and technology from malware (e.g., viruses, worms, spyware, spam).

Value Drivers

  • System security ensured by proactive malware protection
  • Ensured system integrity
  • Timely detection of security threats

Risk Drivers

  • Exposure of information
  • Violations of legal and regulatory requirements
  • Systems and data that are prone to virus attacks
  • Ineffective countermeasures

Control Practices

  1. Establish, document, communicate and enforce a malicious software prevention policy in the organisation. Ensure that people in the organisation are aware of the need for protection against malicious software, and their responsibilities relative to same.
  2. Install and activate malicious software protection tools on all processing facilities, with malicious software definition files that are updated as required (automatically or semi-automatically).
  3. Distribute all protection software centrally (version and patch-level) using centralised configuration and change management.
  4. Regularly review and evaluate information on new potential threats.
  5. Filter incoming traffic, such as e-mail and downloads, to protect against unsolicited information (e.g., spyware, phishing e-mails).

Events & Online Learning: 21 total

16 Mar 2015
ISACA International Event
Orlando, FL, USA
15 Jun 2015
ISACA International Event
Ciudad de México, Mexico
21 Sep 2015
ISACA International Event
Miami, FL, USA
21 Sep 2015
ISACA International Event
06010 Mexico City, Panama
La Conferencia Latinoamericana CACS/ISRM
9 Nov 2015
ISACA International Event
Copenhagen, Denmark
Stay on top of the trends and opportunities of the dynamic technology industry at EuroCACS/ISRM, the leading European conference for IT audit, assurance, security and risk professionals.

Journal Articles: 194 total

Volume 6, 2106
by Venkatasubramanian Ramakrishnan, CISM, CRISC, CHFI
Bayesian networks can capture the complex interdependencies among risk factors and can effectively combine data with expert judgment.
Volume 3, 2017
by Indrajit Atluri, CRISC, CISM, CEH, CISSP, CSSLP, HCISPP, ITILv3
The resolve to address IoT device security at various levels—hardware and software, government and enterprise, consumers and services—is widespread.
Volume 3, 2017
by Hemant Patel, CISM, ITIL, PMP, TOGAF
Security needs to be addressed at all stages of the IoT system life cycle, including the design, installation, configuration and operational stages.
Volume 3, 2017
by Sunil Bakshi, CISA, CRISC, CISM, CGEIT, ABCI, AMIIB, BS 25999 LI, CEH, CISSP, ISO 27001 LA, MCA, PMP
What are threats associated with the use of the Internet of Things (IoT) and what approach should one have in implementing security for IoT?
Volume 3, 2017
by Sakthivel Rajendran, CISA, CRISC, CISM, CEH, GMOB
In today’s age of bring your own device (BYOD), the smartphone is one of the preferred mobile devices to access enterprise information.
Volume 3, 2017
by Sivarama Subramanian, CISA, and Balaji Swaminathan M., CISA, CISSP
During the Internet of Things (IoT) Village held at the DEF CON security conference in August 2016, 47 new vulnerabilities affecting 23 IoT devices from 21 manufacturers were disclosed.

Wikis: 2 total

Blog Posts: 49 total

30 Mar 2017
When you think about your company's information security, a greatest image comes into your mind: * if my storage device crashed; * if my flashcopy in other storage device crashed too; * if my backup tape was in flame; * if my archive data was missed; * if my sec...
Posted By : MGPlay | 0 comments
Senior Manager           ultimate responsibility Information security Officer          functional responsibility Security Analyst           Strategic, develops policies and guidelines Owner         - Responsible for asset         - Determine level of clas...
Posted By : Muhammad554 | 0 comments
The demand for banking services over the Internet, a product of the emergence of new needs among consumers attracted by the technological boom, keeps financial institutions caught at a crossroads in which they must balance the...
Posted By : Gerardo Zuñiga | 0 comments
For a long time, the main focus of most organizations was to have a solid protected network perimeter, by installing the most powerful shiny firewall, IPS/IDS to keep intruders from trespassing inside their networks. The endpoint (host) protection was always c...
Posted By : Willian Guilherme | 1 comments
This is an opinion piece written using Australian English spelling. Please read at your leisure. There is no denying the outright benefits of The Internet of Things (IoT). The IoT is a Life-Productivity-Enabler. Connecting smart objects with other sma...
Posted By : Philippe_Lopez_AU | 0 comments
Let us have positive inspirational slogans for every situation. Last week I started the project meeting like this: I don't know you are all so good at tuning the website. The performance now is wonderful. I could witness reduction of stress, anxiety an...
Posted By : Jayakumar Sundaram | 1 comments