Five Ways to Detect and Respond to Targeted Cyberattacks
Added 24th May 2013
The advanced persistent threat (APT) is waging an all-out attack on enterprises’ intellectual property. Yet most companies continue to try to protect themselves using approaches that are years out of date. That is one of the conclusions in Responding to Targeted Cyberattacks, a frank new how-to book published by global IT association ISACA and written by professionals at Ernst & Young LLP.
The threat landscape has progressed from unsophisticated “script kiddies” to hackers to insiders to today’s state-sponsored attacks, where enterprises are attacked because of who they are, what they do and the value of their intellectual property (IP).
“There are no universal solutions to prevent being infiltrated,” said James Holley, leader for Ernst & Young LLP’s Information Security Incident Response services and co-author of the book. “If sophisticated and well-funded attackers target a specific environment, they will get in. In this rapidly evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”
In a detailed look at an escalating global problem, the authors highlight five things every organization should know:
1. Advanced threats now target people—people have become your first line of defense.
2. Cyberattacks are a business problem and a people problem, not just a technology problem.
3. User education and awareness are critical to your success.
4. “Prevention” strategies of the past are not enough now – today’s strategy needs to be: “Complicate – Detect – Respond – Educate – Govern.”
5. Four emerging capabilities are needed to implement the new strategy for dealing with cyberattacks:
- Centralized log aggregation and correlation
- Ability to conduct forensic analysis across the enterprise
- Ability to sweep the enterprise for “indicators of compromise”
- Ability to inspect memory to detect malicious code
“This book is in response to a need identified by security, risk and assurance professionals—the people on the front lines of keeping attackers in check and protecting an organization’s key assets,” said Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, president, FORFA AG and member of ISACA’s Professional Influence and Advocacy Committee. “There are plenty of books on incident management, but very few that offer an actionable roadmap for preparing, containing and mitigating cyberattacks.”
Responding to Targeted Cyberattacks is the second installment in a cybersecurity series from ISACA, a global association of 100,000 information security, assurance, risk and governance professionals. The first, Advanced Persistent Threat Awareness Study Results, was issued in February. The survey of more than 1,500 security professionals found that an overwhelming majority (94 percent) of respondents believe the APT represents a credible threat to national security and economic stability. Additionally, 63 percent think it is only a matter of time before they are attacked and one in five has already experienced an APT attack.
The book is available at no charge to members of ISACA; non-members can purchase a print or electronic version at www.isaca.org/cyberattacks.