Access "Understanding the advanced persistent threat"
This article is part of the July/August 2010 issue of Debunking myths about the advanced persistent threat (APT)
The term advanced persistent threat, or APT, joined the common vocabulary of the information security profession in mid-January, when Google announced its intellectual property had been the victim of a targeted attack originating from China. Google wasn't alone; more than 30 other technology firms, defense contractors and large enterprises had been penetrated by hackers using an array of social engineering, targeted malware and monitoring technologies to quietly access reams of sensitive corporate data. Google's public admission put a high-profile face on targeted attacks and the lengths attackers would go to gain access to proprietary corporate and military information. It also kicked off a spate of vendor marketing that promised counter-APT products and services that have only served to cloud the issue for security managers and operations people. In this article, we'll define APT, dispel some myths and explain what you can do about this adversary. WHAT IS THE ADVANCED PERSISTENT THREAT? The United States Air Force coined the phrase advanced persistent ... Access >>>
Premium Content for Free.
Security response teams grapple with cloud computing security concerns
No clear answers at conference but experts urge organizations to proceed with caution.
Understanding the advanced persistent threat
Think you know all you need to know about the advanced persistent threat? We'll define APT and dispel a few myths.
- Security response teams grapple with cloud computing security concerns
Building an information security skills matrix
Your information security skills matrix – that connection between your tangible skills and personal qualities – is what separates you from your peers.
The pros and cons of security software-as-a-service
Security software-as-a-service can help organizations reduce security headaches but also can present challenges.
- Building an information security skills matrix
Information security maturity model
by Chris McClean, Contributor
Use an information security maturity model to illustrate how security supports the organization.
Three hazards to avoid in planning a career in information security
Building a career plan just might lead security professionals headfirst into some dubious challenges.
Insecure software: A never-ending saga
Insecure software has been a long-standing issue in the industry. Progress on secure software development is critical.
- Information security maturity model by Chris McClean, Contributor
More Premium Content Accessible For Free
Is your mobile security strategy combating the wrong enemy?
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
What's the best focus for MDM strategy now?
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...
Beat the security odds with a cloud risk equation
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...