Definition: "Malicious Code" is a computer program written for the purpose of gaining unauthorized access to a computer or network or someone else's information infrastructure. There is a wide variety of malware on the Internet ranging from spyware to trojans or key loggers.
Destructive computer code can re-format a hard drive, cause highly sensitive information to be revealed or to cause permanent damage to an information infrastructure or infect other devices. Nefarious programs are intended to to harm or to steal data. Nation states, terrorists, organized crime and malicious users are the prime offenders. Illegitimate code can also deny access to legitimate users to resources
Its Relevance: Security policies and practices must be adopted by a business or an organization that specify which defenses should be deployed to protect against destructive code of this type. Consistency and the application of standard practices throughout the organization would be deemed to be evidence of due diligence. A risk will be realized if appropriate safeguards are absent.