Sunday, January 24, 2010

Current high focus area for CISOs should be APT

These APTs has been getting lot of attention recently and reasons why CISOs should focus on this threat now are:

a)      These are essentially a type of targeted attack

b)      And if they miss they reload and fire again till they hit the target

c)       These are “Advanced” meaning  they use publicly available exploits as well as develop custom ones

Draw up action items like; more focus on log analysis and checking out the reason behind the traffic to that  xyz country IP(s) where your company has no business, more aggressive SPAM filtering, etc... And it helps to do things like network pruning and review of your IT policies & procedures

Posted via email from Ramki's posterous