Saturday 12 March 2016

An Analytics-based Approach to Cybersecurity

Cyber-adversaries are willing to invest resources and remain doggedly tenacious until they finally penetrate their targeted corporate networks, compromise systems, and complete their missions. Security measures currently being used—such as preventing (blocking) the attack from delivering malware and gaining system access, deploying systems in hardened configurations, installing antivirus software on endpoints and servers, patching software vulnerabilities, and blocking malicious IP addresses and URLs—mainly focus on countering the first few steps of the attack lifecycle. They do not take into account the multiple steps associated with modern APTs and advanced attacks. CISOs must incorporate and provide analytics strategies and toolsets within their organizations as soon as possible.

 

Unfortunately, threat detection, investigation, and response at many organizations remain relatively immature and manually intensive. ESG recently ran a survey of enterprise security professionals to define their organization’s biggest incident detection/response weaknesses, and the top three most-cited responses relate to situations where an attacker has gained access to the enterprise:

29% of respondents say they have an organizational weakness when performing forensic analysis to determine the root cause of a problem.



from cyber security caucus http://ift.tt/1QTBybm