Advanced, undetectable threats are top of the list when it comes to IT managers’ security concerns, according to IBM.
Speaking during the V3 Security Summit, Ziv Cohen, European sales director for IBM Trusteer Enterprise Solutions, warned that advanced persistent threats (APTs) and advanced evasion techniques (AETs) are proving troublesome for firms to deal with owing to their stealthy nature.
[To find out more about protecting your business from advanced threats, register to view our video interview with Cohen.]
“The most critical threats that IT managers prioritise at the moment are definitely advanced persistent threats,” Cohen explained.
“This is a threat that flies under the radar of current security solutions. Even though they have invested heavily in security solutions, still this threat can find its way into the organisation silently. They infect the computers and create persistency and reach out to the data without the company even being aware of it.”
As well as the difficulty in dealing with APTs and AETs owing to their under-the-radar nature, malicious users have also evolved to target their attacks very specifically and are not going after one particular sector or business type.
“With APTs they are crafting their attacks so they know exactly who the person is they want to reach out to, who the person is they need to infect, whether this person has the right permissions and access to the sensitive data they would like to steal,” Cohen warned.
“All kinds of organisations are facing these threats – agriculture, healthcare, education and clearly financial services as well. With APTs, the goal is to get sensitive information, it doesn’t matter which sector it is.”
While perimeter security is an important aspect of fighting advanced threats, Cohen advised that the focus should be where the attack is taking place.
“That’s why it has to be a multi-layer strategy where gateway solutions filter out the known and suspicious parts, but the attack will be prevented on the endpoint where it’s taking place,” he said.
However, even firms that have taken all the appropriate security measures, including educating employees to become more security savvy and adopting multi-layered protection, still face issues.
Read the rest of this post ---->
0 comentarii:
Post a Comment