
Malware defences involve implementing safeguards to protect an enterprise’s systems from malicious software, including viruses, worms, trojans, and ransomware. These defences typically include antivirus programmes, firewalls, intrusion detection systems (IDS), and continuous system monitoring to detect, prevent, and mitigate the spread of malware and other cyber threats. By establishing comprehensive malware defences, enterprises can significantly reduce the risk of infections, data breaches, and system disruptions caused by malicious software.
———————————————————————————————————
Level 1 Certification
———————————————————————————————————
Measure 3.1: Implement Basic Antivirus Software Across All Devices
Does your enterprise ensure that all devices used by employees, including computers, laptops, and mobile devices, are protected with antivirus software?
Example: Install and maintain reputable antivirus software, such as Windows Defender, Avast, or Bitdefender, on all devices to detect and block malware, viruses, and other malicious software.
Measure 3.2: Enable Firewalls on All Systems
Does your enterprise enable and configure firewalls on all devices and network systems to monitor and filter incoming and outgoing traffic for malicious activity?
Example: Ensure that Windows Firewall or third-party firewalls such as ZoneAlarm or Comodo are enabled on all devices, and configure them to block unauthorised access and malware.
Measure 3.3: Regularly Update and Patch Software
Does your enterprise ensure that all software, operating systems, and applications are regularly updated to close any security vulnerabilities that malware can exploit?
Example: Set up automatic updates for all operating systems and key software applications to ensure patches are applied as soon as they are released, protecting against known threats.
Measure 3.4: Provide Employee Awareness on Malware Threats
Does your enterprise educate employees on the risks of malware, phishing emails, and unsafe online behaviour?
Example: Conduct basic security awareness training, teaching employees how to spot suspicious emails, avoid unsafe websites, and protect sensitive information from malware.
———————————————————————————————————
Level 2 Certification
To achieve Level 2: Level 1 must also be achieved.
———————————————————————————————————
Measure 3.5: Implement Advanced Malware Detection and Antivirus Solutions
Does your enterprise deploy advanced antivirus solutions or endpoint detection and response (EDR) software for more effective malware detection and mitigation?
Example: Use solutions like Sophos, CrowdStrike, or McAfee, which offer advanced protection with features such as real-time scanning, malware sandboxing, and automatic remediation.
Measure 3.6: Deploy Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)
Does your enterprise use Intrusion Detection Systems (IDS) or Intrusion Prevention Systems (IPS) to monitor network traffic and detect malicious activity?
Example: Implement tools such as Snort or Suricata to detect unusual network traffic or malicious attempts to infiltrate your enterprise’s systems and prevent attacks before they can spread.
Measure 3.7: Conduct Regular Vulnerability Scanning and Penetration Testing
Does your enterprise schedule regular vulnerability scanning or penetration testing to identify weaknesses in the network and systems that could be exploited by malware?
Example: Use automated tools such as Nessus or Qualys to scan for vulnerabilities in your network, and conduct annual penetration tests to simulate potential attacks and identify weaknesses.
Measure 3.8: Enable Email Filtering to Block Malicious Attachments and Links
Does your enterprise use email filtering solutions to scan incoming emails for malicious attachments, links, or phishing attempts?
Example: Implement email security services like Proofpoint or Mimecast to filter emails, block dangerous attachments, and flag suspicious links before they reach employees.
———————————————————————————————————
Level 3 Certification
To achieve Level 3: Level 2 and Level 1 must also be achieved.
———————————————————————————————————
Measure 3.9: Implement Endpoint Detection and Response (EDR) Solutions
Does your enterprise deploy comprehensive EDR solutions to continuously monitor, detect, and respond to advanced malware and threats on endpoints in real time?
Example: Use advanced EDR platforms such as CrowdStrike Falcon or Carbon Black, which offer real-time threat detection, investigation tools, and automated responses to mitigate advanced threats like ransomware or APTs (Advanced Persistent Threats).
Measure 3.10: Employ Network Segmentation and Advanced Firewall Configurations
Does your enterprise segment networks to isolate critical systems and data, ensuring that malware cannot spread freely across the entire network?
Example: Use VLANs (Virtual Local Area Networks) and advanced firewall configurations to isolate sensitive data and systems, reducing the impact of any malware infection within the network.
Measure 3.11: Implement Behavioural Analytics for Threat Detection
Does your enterprise use behavioural analytics tools to identify abnormal user and system activity that could indicate a malware attack or security breach?
Example: Use tools such as Darktrace or Vectra to analyse patterns in network traffic and user activity, identifying potential threats based on deviations from normal behaviour before malware spreads.
Measure 3.12: Integrate Threat Intelligence Feeds to Stay Updated on Emerging Threats
Does your enterprise integrate threat intelligence feeds to stay informed about emerging malware and cyber threats, ensuring timely protection against new and evolving threats?
Example: Subscribe to threat intelligence services like ThreatConnect or FireEye to receive real-time updates on the latest malware, vulnerabilities (CVEs), and attack techniques used by cybercriminals.
———————————————————————————————————