Defending Against Advanced Threats in an Ever-evolving Threat Landscape
Information sharing is a key tactic in protecting against APT and advanced evasion techniques, yet security professionals in both the public and private sectors are challenged with sharing information.
Security professionals generally agree that there is no easy way to share information. Within the public sector, by the time the information is declassified, it's generally of little value. Organizations within the private sector face the prospect of deciding whether they are willing to air their “dirty laundry.” Recommendations for sharing information include:
- Look to service providers that are able to provide threat information
- Create a consortium of different industry sectors or types of businesses
- Use government forums such as US-CERT
Security professionals generally agree that using technology alone is no longer sufficient for combating the APT and advanced evasion techniques threat vectors. By the time organizations procure, configure and install the technology, it’s already on its way to being obsolete. Organizations must therefore shift attention from prevention to detection and response. Recommendations include:
- Understand the challenges and build the expertise in house. In instances where in-house talent is unavailable, look to an integrator that can provide such services.
- Encrypt data.
- Segment the network.
- Know your environment. Identify and protect the organization’s “Crown Jewels.”
- Put the resources toward what really matters rather than trying to protect everything equally.
|