- Advanced persistent threats (APTs) are becoming more and more prevalent, targeting any and all organizations that have some valuable intellectual property or are laterally connected to a target organization.
- Companies need to know how to protect themselves from an attack, track and quantify an attack, respond to an attack, and ensure maintenance.
- Enterprise users need to know what a spear phishing attack looks like and what they should watch for so that they are not manipulated.
Our Advice
Critical Insight
- APTs are a real risk to most organizations, regardless of size, and most don’t properly know how to defend against one.
- A multi-layered defence approach is needed with specific tracking and monitoring capabilities.
Impact and Result
- Identify your risk posture, which indicates the likelihood that an advanced persistent threat would be carried out against your organization.
- Prioritize your security gaps based on the importance and achievability of each measure to ensure you are successful in your role.
- Build the necessary layered security to defend against, respond to, and investigate an attack, so that when an attack does occur you are covered across all aspects.
Workshop: Secure Critical Systems and Intellectual Property Against APT
Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn't enough, we offer low-cost delivery of our project workshops. We take you through every phase of your project and ensure that you have a roadmap in place to complete your project successfully.
Module 1: Assess and Grade Current APT Security Measures
The Purpose
- Validate your identified risk posture and likelihood for an APT attack.
- Comprehensively grade your current security system.
Key Benefits Achieved
- Identified risk posture for an APT
- Graded current APT security measures
Activities
Outputs
Validate your risk posture
Identify existing APT security measures in place
- Identified risk posture
Assess and grade security maturity and capability levels
- Graded APT security measures
Determine overall enterprise risk to an APT
Module 2: Perform Gap Analysis and Prioritization
The Purpose
- Identify the current security gaps that must be bridged from existing security measures to the target state
- Evaluate these gaps
- Prioritize gaps
Key Benefits Achieved
- Prioritized list of your APT security gaps
Activities
Outputs
Perform gap analysis
Evaluate identified gaps
Understand and implement an enterprise risk tolerance
Develop importance and achievability levels for each gap
Prioritize your APT security gaps
- Prioritized list of your APT security gaps
Module 3: Build the Defenses and Prepare
The Purpose
- Build a strong end-user education and training plan
- Improve threat intelligence
- Limit and control user access
- Implement strong security infrastructure
- Develop active monitoring capabilities
Key Benefits Achieved
- End-user training plan
- Threat intelligence roadmap
- Access control action plan
- Infrastructure action plan
- Monitoring action plan
Activities
Outputs
Educate employees
- End-user training plan
Improve threat intelligence
- Threat intelligence roadmap
Control access
- Access control action plan
Implement strong security infrastructure
- Infrastructure action plan
Build active monitoring
- Monitoring action plan
Module 4: Build Ad Hoc Attack Processes
The Purpose
- Develop response capabilities to an attack
- Develop investigative capabilities
- Create sustainable APT security
Key Benefits Achieved
- CIRT team
- Incident management plan
- Digital forensic understanding
- Intrusion reconstruction ability
- Responsibility and ownership allocation
Activities
Outputs
Create a CIRT team
- CIRT team
Develop an incident management plan
- Incident management plan
Understand digital forensics
- Digital forensic understanding
Develop intrusion reconstruction techniques
- Intrusion reconstruction ability
Allocate responsibility and ownership
- Responsibility and ownership allocation