EICAR paper (2): Managing Malware – Mapping Technology to Function

This is a paper I presented at EICAR in 1999 on Managing Malware – Mapping Technology to Function. Here’s the abstract:

This paper challenges common assumptions about malware costs and damage, the way in which they are measured, the corporate malware management function, and the effectiveness of “out-of-the-box” solutions.

Unit cost is only one component of the overall cost of implementation of specific anti-virus/anti-malware software, which in turn is only one component of a whole range of possible anti-malware measures. The paper examines virus damage and costs, and the elements which comprise the corporate malware-management function, and how well commercial software maps to it.

Stripping the mystique and obfuscation which clings to virus/anti-virus technology and practice empowers management to regain control and allow strategy to drive the technology, rather than letting a chosen product dictate strategy. It gives security practitioners a basis for preparing cost and risk analyses, and defining their own jobs in terms of malware management. It will also benefit vendors who are receptive to improving their response to customer needs.

David Harley
Small Blue-Green World
ESET Senior Research Fellow

Advertisements

About David Harley

Computer Security Author/Editor; Independent Antimalware Researcher; CEO at Small Blue-Green World; Senior Research Fellow at ESET.
This entry was posted in conference papers, David Harley, EICAR and tagged , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s