How standards can help to protect your business from malware

British Standards contain the combined knowledge of experienced UK subject experts often working together with their international colleagues in an open, consensus-based process.

You can read a description of these standards and some other relevant publications that are available from BSI or other organizations below:

Standard number/name Description/Benefits Published by
BS ISO/IEC 27002 Code of practice for information security controls This has a short section on malware but there are no British or International Standards dealing specifically with malware detection or patching. BSI
Common Standard for Malware Protection This a UK standard available for the government’s Public Services Network website that addresses malware protection. Although intended for users of this very large, state-owned “network of networks”, the core sections of this standard are just as relevant to SMEs.

 

Public Services Network
Common Standard for Patch Management

This a UK standard available for the government’s Public Services Network website that addresses patch management. Although intended for users of this very large, state-owned “network of networks”, the core sections of this standard are just as relevant to SMEs.

Public Services Network
SP800-83, Guide to Malware Incident Prevention and Handling for Desktops and Laptops A guide to malware incident prevention available from the US National Institute of Standards and Technology. US National Institute of Standards and Technology
SP800-40, Creating a Patch and Vulnerability Management Program This is a NIST Special Publication covering patching. US National Institute of Standards and Technology