Security School

Browse Sections


This content is part of the Security School: Keeping Web malware out of enterprise systems

How to mitigate the risk of Web malware infections with separation

Here's the thing to know about malware -- if it’s not running it can’t destroy. That is, there must be a process in memory using the resident system's CPU before malware can perform its nefarious deeds. With that in mind, it is not hard to realize that the notion of which system the malware is "resident" on becomes crucial to determining the extent of the damage from any infection. Separating that process from other production services can reduce that damage. In this video expert Peter Lindstrom explains how separation can protect your system from Web-borne malware.

About the speaker: Pete Lindstrom is principal of Spire Security, an industry analyst firm addressing challenges in technology risk management and cybersecurity economics. In his 20+ year career, he has held other industry analyst positions at Burton Group and Hurwitz Group, as well as enterprise positions as a security architect for Wyeth Pharmaceuticals and an IT auditor for PwC and GMAC Mortgage. Lindstrom is a frequent speaker and writer on information security topics and is a director of the International Systems Security Association (ISSA). He has a finance degree from the University of Notre Dame.

View All Videos

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

Great piece. I've found that one of the best things you can do is do your best to not facilitate this malware. This requires testing for - and fixing - flaws such as cross-site scripting and similar issues especially if you're running WordPress. More resources on Web site and application security testing here.