These APTs has been getting lot of attention recently and reasons why CISOs should focus on this threat now are:
a) These are essentially a type of targeted attack
b) And if they miss they reload and fire again till they hit the target
c) These are “Advanced” meaning they use publicly available exploits as well as develop custom ones
Draw up action items like; more focus on log analysis and checking out the reason behind the traffic to that xyz country IP(s) where your company has no business, more aggressive SPAM filtering, etc... And it helps to do things like network pruning and review of your IT policies & procedures
No comments:
Post a Comment