Five Ways to Detect and Respond to Targeted Cyberattacks
Added 24th May 2013
The advanced persistent threat (APT) is waging an all-out attack on enterprises’ intellectual property. Yet most companies continue to try to protect themselves using approaches that are years out of date. That is one of the conclusions in Responding to Targeted Cyberattacks, a frank new how-to book published by global IT association ISACA and written by professionals at Ernst & Young LLP.
The threat landscape has progressed from unsophisticated “script kiddies” to hackers to insiders to today’s state-sponsored attacks, where enterprises are attacked because of who they are, what they do and the value of their intellectual property (IP).
“There are no universal solutions to prevent being infiltrated,” said James Holley, leader for Ernst & Young LLP’s Information Security Incident Response services and co-author of the book. “If sophisticated and well-funded attackers target a specific environment, they will get in. In this rapidly evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”
In a detailed look at an escalating global problem, the authors highlight five things every organization should know:
1. Advanced threats now target people—people have become your first line of defense.
2. Cyberattacks are a business problem and a people problem, not just a technology problem.
3. User education and awareness are critical to your success.
4. “Prevention” strategies of the past are not enough now – today’s strategy needs to be: “Complicate – Detect – Respond – Educate – Govern.”
5. Four emerging capabilities are needed to implement the new strategy for dealing with cyberattacks:
- Centralized log aggregation and correlation
- Ability to conduct forensic analysis across the enterprise
- Ability to sweep the enterprise for “indicators of compromise”
- Ability to inspect memory to detect malicious code
“This book is in response to a need identified by security, risk and assurance professionals—the people on the front lines of keeping attackers in check and protecting an organization’s key assets,” said Rolf von Roessing, CISA, CISM, CGEIT, CISSP, FBCI, president, FORFA AG and member of ISACA’s Professional Influence and Advocacy Committee. “There are plenty of books on incident management, but very few that offer an actionable roadmap for preparing, containing and mitigating cyberattacks.”
Responding to Targeted Cyberattacks is the second installment in a cybersecurity series from ISACA, a global association of 100,000 information security, assurance, risk and governance professionals. The first, Advanced Persistent Threat Awareness Study Results, was issued in February. The survey of more than 1,500 security professionals found that an overwhelming majority (94 percent) of respondents believe the APT represents a credible threat to national security and economic stability. Additionally, 63 percent think it is only a matter of time before they are attacked and one in five has already experienced an APT attack.
The book is available at no charge to members of ISACA; non-members can purchase a print or electronic version at www.isaca.org/cyberattacks.