SANS Report Breaches Happen: Be Prepared
Computer viruses are yesterday’s news; automated attacks that morph rapidly, concealing themselves through encryption and deceptive packaging, are the new hotness. This paper describes how to start with improved malware reporting and gateway monitoring and how to combine this output with security intelligence from both internal and external resources. Forward thinking organizations use these and other techniques promoted by frameworks such as the Critical Security Controls. The key is to—as quickly as possible—detect hostile activity, identify and locate affected systems and devices, and respond appropriately.