The group focused on three things. First, was assessment. How do we feel about the APT threat as a whole? How top of mind APTs were for the group members varied depending on the industry they were in. For example, some of the financial services executives didn’t place it as high on their list as others, but certainly didn’t dismiss them. Next they focused on controls. The group agreed that the value of intelligence really drives your ability to be able to combat an APT threat. Without valid actionable info from government sources or peers, it becomes significantly more difficult to tackle the threats caused by APTS. The quality of actionable intel also seemed to vary from industry to industry as did how they went about getting said intel. The topic of sandboxing potential threats at the endpoint and endpoint forensics and how they can be used to better dissect and understand threats. Finally the group discussed the impact of APTs at both an organization and career level. While a few years ago, some people felt these kinds of incidents might cost someone their job, today more organizations are actually looking for execs that have dealt with this kinds of incidents. The paradigm has to shift from prevention to response. These scenarios need to be viewed as an inevitability instead of something that mustn’t happen.