This service mitigates risks faced by organisations due to malicious code triggered disruptions. It also encompasses the institutionalisation of continuous improvement in this area.

In the arena of malicious code management, organisations need to undergo a paradigm shift in focus from anti-virus to worm containment strategies. Today, firewalls and perimeter anti-virus infrastructures are proving ineffective against malicious code because innovative paths of ingress are being used by viruses and worms to infiltrate the corporate IT infrastructures. There is a growing proliferation of Instant Messaging (IM) and Peer-to-Peer networking viruses and worms. Traditional anti-virus defences are not optimally effective against these. Malicious code is also being encapsulated within other protocols to enable them to tunnel through anti-virus defences. Social engineering is becoming a prominent mode of spread, against which technology is ineffective. There is a growing threat to organisational email systems from spam, viruses and worms, phishing, and direct attacks.

The threat environment is rapidly and inexorably worsening. Unless kept in sync, existing organisational anti-virus infrastructures will become obsolete if not already so. This service works towards developing malicious code management strategies for protecting an organisation's information systems based on an assessment of risks and vulnerabilities, and the changing threat environment.