As malicious code rapidly evolves, the National Institute of Standards and Technology is updating its guidance to reflect changes in the threat malware presents organizations.
The “Unlike most malware threats several years ago, which tended to be fast-spreading and easy to notice, many of today’s malware threats are more stealthy, specifically designed to quietly, slowly spread to other hosts, gathering information over extended periods of time and eventually leading to exfiltration of sensitive data and other negative impacts,” NISTG says is the just-published draft of Special Publication 800-83 Revision 1: Guide to Malware Incident Prevention and Handling for Desktops and Laptops.
NIST, in announcing the draft revision, points out that protecting desktops and laptops remains critical even as many government agencies and companies focus on mobile security. The guidance provides information on the major categories of malware that afflict desktop and laptop computers and furnishes practical procedures on how to prevent malware incidents and what to do when a system becomes infected.
- To battle malware, the NIST guidance suggests organizations should:
- Develop and implement an approach to malware incident prevention.
- Plan and implement an approach to malware incident prevention based on the attack vectors that are most likely to be used now and in the near future.
- Ensure that their policies address prevention of malware incidents.
- Incorporate malware incident prevention and handling into their awareness programs.
- Implement awareness programs that include guidance to users on malware incident prevention.
- Maintain vulnerability mitigation capabilities to help prevent malware incidents.
- Document policy, processes and procedures to mitigate vulnerabilities that malware might exploit.
- Apply threat mitigation capabilities to assist in containing malware incidents.
- Perform threat mitigation to detect and stop malware before it can affect its targets.
- Consider using defensive architecture methods to reduce the impact of malware incidents.
- Sustain a robust incident response process capability that addresses malware incident handling.
NIST is seeking comments from stakeholders on the draft. Comments can be sent to email@example.com by Aug. 31. A final revision is expected to be published by late summer.