Five Ways to Detect and Respond to Targeted CyberattacksAdded 24th May 2013
The advanced persistent threat (APT) is waging an all-out attack on enterprises’ intellectual property. Yet most companies continue to try to protect themselves using approaches that are years out of date. That is one of the conclusions in Responding to Targeted Cyberattacks, a frank new how-to book published by global IT association ISACA and written by professionals at Ernst & Young LLP.
The threat landscape has progressed from unsophisticated “script kiddies” to hackers to insiders to today’s state-sponsored attacks, where enterprises are attacked because of who they are, what they do and the value of their intellectual property (IP).
“There are no universal solutions to prevent being infiltrated,” said James Holley, leader for Ernst & Young LLP’s Information Security Incident Response services and co-author of the book. “If sophisticated and well-funded attackers target a specific environment, they will get in. In this rapidly evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”
In a detailed look at an escalating global problem, the authors highlight five things every organization should know:
1. Advanced threats now target people—people have become your first line of defense.
2. Cyberattacks are a business problem and a people problem, not just a technology problem.
3. User education and awareness are critical to your success.
4. “Prevention” strategies of the past are not enough now – today’s strategy needs to be: “Complicate – Detect – Respond – Educate – Govern.”
5. Four emerging capabilities are needed to implement the new strategy for dealing with cyberattacks:
- Centralized log aggregation and correlation
- Ability to conduct forensic analysis across the enterprise
- Ability to sweep the enterprise for “indicators of compromise
- Ability to inspect memory to detect malicious code
“This book is in response to a need identified by security, risk and assurance professionals—the people on the front lines of keeping attackers in check and protecting an organization’s key assets,” said Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, president, FORFA AG and member of ISACA’s Professional Influence and Advocacy Committee. “There are plenty of books on incident management, but very few that offer an actionable roadmap for preparing, containing and mitigating cyberattacks.”
Responding to Targeted Cyberattacks is the second installment in a cybersecurity series from ISACA, a global association of 100,000 information security, assurance, risk and governance professionals. The first, Advanced Persistent Threat Awareness Study Results, was issued in February. The survey of more than 1,500 security professionals found that an overwhelming majority (94 percent) of respondents believe the APT represents a credible threat to national security and economic stability. Additionally, 63 percent think it is only a matter of time before they are attacked and one in five has already experienced an APT attack.
The book is available at no charge to members of ISACA; non-members can purchase a print or electronic version at www.isaca.org/cyberattacks.
The easy access Google's web crawlers have to sites is increasingly being exploited by cybercriminals in launching distributed denial of service attacks, a security vendor says.
Tries out more efficient Elliptic Curve Diffie-Hellman.
R. Srikrishna, formerly with HCL, becomes chief executive officer, effective today, replacing P.R. Chandrasekar.
Nadella signals dual-use function coming to phones, confirms single Windows OS for all platforms.
The new option is reportedly enabled by default in the update to Database 12c.
Two sides are still at odds, despite some collaborative moves.
Indian women in positions of IT leadership say there is no glass ceiling in IT. Yet only one-in-three women reach supervisory positions in IT. Women CIOs offer insight.
On the heels of Flipkart’s second outage due to a spike in traffic, IT leaders from Snapdeal, Myntra talk about the challenges of preparing e-commerce platforms for surges in traffic.
Although big data still tops the Indian CIO’s list of most over-hyped technologies, the number of CIOs who believe that is coming down.
Google's Thread standard for communication between devices connected to the Internet of Things joins several similar efforts.
Fortinet are the first network security vendor to deliver a firewall that exceeds 1 terabit per second (Tbps) throughput performance.
A vibration-harvesting power supply and a chip architecture for low-power communications are the latest entries.
There is a fierce debate about whether GMOs--genetically modified organisms--with built-in resistance to pests, fungus, drought and other agricultural threats, are a good thing when it comes to our food supply.
Android and Windows tablet vendors are creeping in on Apple's top spot, IDC said.
The compromised information includes email addresses, phone numbers and physical contact addresses of ECB event participants.