dcsimg

Advanced Persistent Threats

  • Advanced Persistent Threats-

    Experts agree that a cyber conflict with physical ramifications out­side of a traditional kinetic conflict is unlikely. But they also believe the cyber vector is a new force multiplier in nation-state conflicts. Whether APTs are targeting infrastructure, corporations or govern­ments, there is a strong need for public/private collaboration to improve security.

    “Enhanced situational awareness based on reliable threat intelli­gence is critical to forming effective defense strategies against these advanced threat actors. Without a thorough understanding of the threat, defensive strategies and spending will be inefficient at best and ineffective at worst,” said Hensley.

    Hensley advocates a layered security process and controls, continu­ously applied and updated based on ongoing visibility of evolving threats. Security processes and controls should include vulnerability lifecycle management, endpoint protection, intrusion detection/pre­vention systems, firewalls, logging visibility, network visibility and security training.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18

Advanced Persistent Threats

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18
  • Advanced Persistent Threats-17

    Experts agree that a cyber conflict with physical ramifications out­side of a traditional kinetic conflict is unlikely. But they also believe the cyber vector is a new force multiplier in nation-state conflicts. Whether APTs are targeting infrastructure, corporations or govern­ments, there is a strong need for public/private collaboration to improve security.

    “Enhanced situational awareness based on reliable threat intelli­gence is critical to forming effective defense strategies against these advanced threat actors. Without a thorough understanding of the threat, defensive strategies and spending will be inefficient at best and ineffective at worst,” said Hensley.

    Hensley advocates a layered security process and controls, continu­ously applied and updated based on ongoing visibility of evolving threats. Security processes and controls should include vulnerability lifecycle management, endpoint protection, intrusion detection/pre­vention systems, firewalls, logging visibility, network visibility and security training.

In the past year, we have witnessed cyber attacks of unprecedented sophistication and reach. These attacks demonstrate that malicious actors have the ability to com­promise and control millions of computers that belong to governments, private enterprises and ordinary citizens. If we are going to prevent motivated adversaries from attack­ing our systems, stealing our data and harming our critical infrastructure, the broader community of security research­ers — including academia, the private sector and govern­ment — must work together to understand emerging threats and to develop proactive security solutions to safeguard the Internet and physical infrastructure that relies on it.

This slideshow features emerging cyber threats for 2012, identified by the Georgia Tech Information Security Center and the Georgia Tech Research

Institute.

More

Slideshows

:


Ten Apple Apps for BusinessApple apps to help increase business productivity.

Top Eight Features in Windows Server 8 Windows Server 8 is a technically sophisticated operating system that is crammed with features that bring many previously enterprise-only capabilities to small and mid-sized businesses.

Seven Points CIOs Must Know About the Board of Directors Seven areas that CIOs must understand and act upon in order to effectively work with the board.