
Controls to Address APTs

Controls to Address Advanced Persistent Threats & Information Warfare:

  • Preventive Controls: These controls prevent a loss from occurring. For example, a control that applies separation of duties, where one employee can submit a payment request and a second employee must authorize it, minimizes the chance that a single employee can submit fraudulent payments.
  • Detective Controls: These controls monitor activity to find cases where correct practices were not followed. For example, a business might review the payment request audit logs to identify fraudulent payments.
  • Corrective Controls: Corrective controls are designed to restore the system to the state it was in before a destructive event. For example, a business may fully restore a system from backup tapes after evidence is found that someone has inappropriately altered the payment data.
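To make the preventive and detective controls above concrete, here is an added example (constructed for this post, not code from the original article) of a toy payment workflow. The application enforces separation of duties as a preventive control (the submitter of a request may not authorize it), and a separate audit-log review acts as the detective control: it rebuilds each payment's history from the log alone, so it still catches payments that were executed through a path that skipped the application's own check. All names, amounts and request IDs are constructed sample data.

```python
"""Preventive and detective controls around a payment request (constructed example)."""
from dataclasses import dataclass
from typing import Optional


@dataclass
class PaymentRequest:
    request_id: str
    submitted_by: str
    amount: float
    authorized_by: Optional[str] = None
    executed: bool = False


class SeparationOfDutiesError(Exception):
    """Raised when the preventive control blocks an action."""


class PaymentSystem:
    def __init__(self):
        self.requests = {}
        self.audit_log = []  # append-only list of {"event", "request_id", "actor"}

    def _log(self, event, request_id, actor):
        self.audit_log.append({"event": event, "request_id": request_id, "actor": actor})

    def submit(self, request_id, employee, amount):
        req = PaymentRequest(request_id, employee, amount)
        self.requests[request_id] = req
        self._log("submit", request_id, employee)
        return req

    def authorize(self, request_id, employee):
        req = self.requests[request_id]
        # Preventive control: the submitter may not authorize their own request.
        if employee == req.submitted_by:
            self._log("authorize_denied", request_id, employee)
            raise SeparationOfDutiesError(
                f"{employee} cannot authorize their own request {request_id}")
        req.authorized_by = employee
        self._log("authorize", request_id, employee)

    def execute(self, request_id, actor):
        req = self.requests[request_id]
        if req.authorized_by is None:
            raise SeparationOfDutiesError(f"{request_id} has not been authorized")
        req.executed = True
        self._log("execute", request_id, actor)


def review_audit_log(audit_log):
    """Detective control: trust only the log, not the application's state.

    Returns (request_id, reason) for every executed payment that either had no
    authorization at all or was authorized by the person who submitted it.
    """
    submitter, authorizer, findings = {}, {}, []
    for entry in audit_log:
        rid, actor, event = entry["request_id"], entry["actor"], entry["event"]
        if event == "submit":
            submitter[rid] = actor
        elif event == "authorize":
            authorizer[rid] = actor
        elif event == "execute":
            auth = authorizer.get(rid)
            if auth is None:
                findings.append((rid, "executed without authorization"))
            elif auth == submitter.get(rid):
                findings.append((rid, "authorized by submitter"))
    return findings


def run_demo():
    """Constructed scenario: one clean payment, one blocked self-authorization,
    and two bypasses that only the log review catches."""
    system = PaymentSystem()
    # Clean path: three different people submit, authorize and execute.
    system.submit("P-1", "alice", 1200.00)
    system.authorize("P-1", "bob")
    system.execute("P-1", "carol")
    # Preventive control fires: alice tries to approve her own request.
    system.submit("P-2", "alice", 4500.00)
    try:
        system.authorize("P-2", "alice")
    except SeparationOfDutiesError:
        pass  # denied, and the denial itself is logged
    # Bypass 1: the payment data is altered directly, skipping authorize(),
    # but the execution still leaves a trace in the log.
    system.submit("P-3", "mallory", 9900.00)
    system.requests["P-3"].executed = True
    system._log("execute", "P-3", "mallory")
    # Bypass 2: a hypothetical legacy path that let the submitter authorize,
    # represented here as raw log entries.
    system.audit_log.extend([
        {"event": "submit", "request_id": "P-4", "actor": "dave"},
        {"event": "authorize", "request_id": "P-4", "actor": "dave"},
        {"event": "execute", "request_id": "P-4", "actor": "dave"},
    ])
    return review_audit_log(system.audit_log)


if __name__ == "__main__":
    for rid, reason in run_demo():
        print(f"{rid}: {reason}")
```

The review deliberately ignores `PaymentSystem.requests` and works only from the append-only log; that is what makes it a detective control rather than a second copy of the preventive one, and it is why the log must be protected from tampering for the review to mean anything.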

Advanced persistent threats usually target victims at the user end using social engineering techniques; these attacks are usually more effective because they are targeted using knowledge gathered from social networking sites.
Attackers will search for information readily available on the Internet to find individual victims and organizational roles to target. They do this to learn the organizational structure and internal workings, and eventually to target the individuals they believe have access to, or own, the most sensitive data.
Organizations should think like their adversary and understand that any loophole can be used against them: a determined attacker will stop at nothing to find a technical vulnerability to exploit or to discover where loopholes exist in the business's processes. It is critical that all organizations take appropriate steps to address the social engineering of their users.

The following are a few more general best practices for controlling APT and information warfare attacks:

  • Always use a defense-in-depth approach to security; no single technology will stop advanced targeted attacks.
  • Continuous integration and sharing of security intelligence between your security controls should be a stated security program objective.
  • Awareness capabilities in security controls should be an important requirement when evaluating the security of protection platforms.
  • Evaluate all security technologies and existing controls; where required, update or upgrade them and apply the advanced features of the latest available products or services to keep pace with changes in the threat landscape.
  • Review the policies in place, but do so with the aim of joining up the security processes between each technology, so that threats can actually be managed and breach events become less likely.
  • Staff suitably to ensure that you can operate all the upcoming technologies, and engage third parties where required to manage routine security checks while you focus on the strategic security processes and technologies.
