A veritable who’s who of global computer virus experts descended on Toronto recently for the 13th Virus Bulletin international conference, where discussions covered everything from worm charming to educating end users.
Janette Jarvis, a security systems product manager with Boeing Corp. in Seattle, spoke about how the company runs its incident management program. Jarvis said the Boeing environment is a good test bed for antivirus incident management, since it has a “convoluted environment”, using everything from state of the art to legacy systems, and has offices and partners all over the world.
In order to even react to a virus threat, a company needs to have a clear vision of the entire enterprise so it can be discerned where and when damage is occurring, she said.
The overall key to successful incident management is concise and controlled communication so only the affected parties are aware of the situation, she added. At Boeing this is often done via pagers. There is also a corporate desire to keep a lid on virus outbreaks, less due to media relations than corporate survival.
“We don’t like to let our entire enterprise know of our vulnerability,” she explained.In order to rate and track a given incident, Boeing has designed a tool which takes data from intrusion-detection systems, anti-virus software and firewalls, and correlates the information. “It is really critical in helping us identify incidents,” she said.