Security experts from RSA, EMC and VMware have released a security brief that outlines a fundamental yet strategic change in how organisations can better prioritise activities and identify escalating advanced persistent threats.
Mobilising Intelligent Security Operations for Advanced Persistent Threats brief shows how new technologies applied during and after the incident are effective in thwarting the attack.
It included six elements:
- Taking a more information-centric approach to security risk planning;
- understanding attack modelling in a complex environment determines which systems, people and processes have access to valuable information;
- virtualised environments;
- to continually monitor the environment to identify typical states which can then be applied to identify problematic patterns early;
- assessment of risks and vary responses accordingly;
- continual improvement through forensic analysis and community learning.
David Hunter, chief technology officer for the worldwide public sector at VMware, said: “Advanced persistent threats are inevitable for most large organisations. With the complexity of today's IT environment we expect to see threats increasingly target corporate intellectual property requiring organisations to evolve their IT and security operations to counter advanced persistent threats and other fast-evolving threats.”
Bret Hartman, chief technology officer of RSA, said organisations had to update their processes and policies to deal with the "speed and scale of the cloud".