The cyber security threats with which information security pros must contend run the gamut from web-based malware to application vulnerabilities. Both traditional and ever-new methods are being used by cyber criminals to infiltrate corporate and government networks to steal data with ease. Compound this with widespread use of mobile devices and cloud computing and there is a lot on the plate for information security pros to manage. We talk to an expert about some of the insidious threats that security pros should be mindful of and find out the various steps they can take to ensure their risk management plans are keeping up.
There's a saying in the security business these days: Either you've been compromised or you don't know you've been compromised. As advanced adversaries continually penetrate organizations of all sizes to serve persistent threats that siphon data over a period of days, weeks, months and even years, victims must learn how to spot the attack and decide their next action. Should they force the miscreants out the door, monitor their activities a bit or take another option? For certain, building up security mechanisms that make it harder for these attackers to lob APTs at their organization is a must, but just what should this entail. We learn more.
Once an anomaly with which government agencies and some private companies that work with them had to deal, advanced persistent threats (APTs) are becoming a considerable problem for a spate of larger organizations and public entities alike. Now, it is no longer a matter of if sophisticated cyber criminals have infiltrated your systems, say many experts, but when they hit and for how long they've lingered.
As organizations continue to move critical operations online, distributed denial of service (DDoS) attacks are increasing in frequency, sophistication and range of targets. This presentation will cover examples of recent high-profile, multi-layered DDoS attacks to illustrate how new attack vectors, such as the Domain Name System (DNS), are now commonly being targeted by cyber criminals and hacktivists. Attendees will learn about the growing complexity of DDoS attacks and recommendations for mitigation before they damage a company's infrastructure, revenue and reputation. Additionally, best practices for DDoS mitigation will be covered along with general tips for DDoS preparedness.
Protection from malware, advanced threats and data theft requires continuous threat defenses before, during and after the point of click. At each stage of the advanced threat life cycle, important defense architectures and processes must be deployed for maximum detection, protection and forensic analysis.
The threat of Targeted Persistent Attacks (TPAs) continues to grow and nearly every day there is another headline about an organization being breached and critical data stolen. Organizations must ask themselves "Can endpoint security products that are based on a signature/reputation based approach identify and stop targeted attacks launched by well-funded, motivated, sophisticated attackers?" If your organization was targeted and penetrated by an APT attack, would you know?