noFUD – No Fear Uncertainty or Doubt

Put four CSOs together and sooner or later they’ll start talking about Advanced Persistent Threat (APT). Now imagine the conversation with 20 CSOs together.

I recently hosted a session at a security event at Microsoft and the two dozen security executives started discussing APT. Each of them had a different description of APT’s and opinions ranged from APT being the next frontier of security to it being the next Y2K. Consensus seemed to coalesce around the definition of  APT being characterized by wide spectrum of attack, targeted on particular goals, persistently finding ways to sustain the compromise, highly-resourced attackers and intentional attacks rather than opportunistic attacks. Most organizations admitted that they were looking to invest in APT related programs over the next three years.

While most organizations will continue to struggle with separating the real from the hype surrounding APT, I’d suggest considering the following questions when dipping your toes in the murky APT water:

• How does your organization define APT?
• How does this APT definition differ from traditional threats?
• What are the primary drivers for APT related programs in your organization?
• How will your current mitigations stand up to your definition of  APT?
• How will APT influence your existing Information Security programs?

This entry was posted on January 11, 2011 at 4:00 pm and is filed under Application Security, Security. You can subscribe via RSS 2.0 feed to this post's comments. You can comment below, or link to this permanent URL from your own site.