Simple fixes for advanced persistent threats

Powered by SC Magazine
 

Spend less on what you don't have and more on what you do.

Most Advanced Persistent Threats (APTs) can be mitigated by simple security upgrades, a Telstra security specialist has advised.

According to Scott McIntyre, senior technology architecture specialist in Telstra's Security Operations, the industry was undergoing "a phase of self delusion about the true nature about where the exposures are coming from".

"Most external threats, these APTs, are taking advantage of internal infrastructure and policy failures," he said, noting that he was not speaking on behalf of the telco.

McIntyre spoke at the AusCERT 2011 conference last week after he presented at the previous year's event as the security head for Netherlands ISP XS4All.

He said rather than buy the latest toolkits at the behest of the boss, security professionals should consider upgrading internal systems.

Although the high profile compromise of security company RSA was attributed to APTs, McIntyre said the "crux" of the breach was more simple, and hinged on vulnerabilities in Microsoft Office 2007.

The exploited vulnerabilities may not have been present had RSA upgraded to the 2010 version of the software, he said.

He said chinese whispers and inflated press reports were to blame for the misperception of threats and solutions.

Power to the people

Social networking should be permitted provided staff actions can be traced, according to McIntyre.

"Accountability, responsibility and traceability" are the three tenets that should underline corporate social media policies, he said.

Security professionals should also avoid prescribing security tools in high-level security policies and instead base the documents on implementation procedure, McIntyre said.

"I'm not sure if we will solve the [security] problem if it comes down to something you can put in a spreadsheet."

Copyright © SC Magazine, Australia


Simple fixes for advanced persistent threats
 
 
 
Top Stories
Westpac interim CIO resigns
Group CIO yet to be appointed.
 
Earning the right to innovate
Breaking down the barriers to innovation is a long, but rewarding process, says Bank of Queensland Group CIO, Julie Bale.
 
A call for timely reporting
[Blog post] Businesses need incentives to keep customer data secure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
What is delaying adoption of public cloud in your organisation?







   |   View results
Lock-in concerns
  26%
 
Application integration concerns
  3%
 
Security and compliance concerns
  28%
 
Unreliable network infrastructure
  9%
 
Data sovereignty concerns
  23%
 
Lack of stakeholder support
  3%
 
Protecting on-premise IT jobs
  5%
 
Difficulty transitioning CapEx budget into OpEx
  3%
TOTAL VOTES: 897

Vote