Security experts from RSA, EMC and VMware have released a security brief that outlines a fundamental yet strategic change in how organisations can better prioritise activities and identify escalating advanced persistent threats.
The 'Mobilising intelligent security operations for advanced persistent threats', brief shows how new technologies applied both during and after the incident are effective in thwarting the attack.
The brief includes six core elements: taking a more information-centric approach to security risk planning; understanding attack modelling in a complex environment determines which systems, people and processes have access to valuable information; virtualised environments; to continually monitor the environment to identify typical states which can then be applied to identify problematic patterns early; assessment of risks and vary responses accordingly; and continual improvement through forensic analysis and community learning.
David Hunter, chief technology officer for the worldwide public sector at VMware, said: “Advanced persistent threats are inevitable for most large organisations. With the complexity of today's IT environment we expect to see threats increasingly target corporate intellectual property requiring organisations to evolve their IT and security operations to counter advanced persistent threats and other fast-evolving threats.”
Bret Hartman, chief technology officer of RSA, said: “To manage security at the speed and scale of the cloud and to deal with unpredictable adaptive threats such as advanced persistent threats, organisations need to build upon the capabilities of today's security operations centre evolving their security operations to effectively manage these new threats.”