Advanced Persistent Threat (APT): Real or just hype?

Put four CSOs together and sooner or later they’ll start talking about Advanced Persistent Threat (APT). Now imagine the conversation with 20 CSOs together.

I recently hosted a session at a security event at Microsoft, and the two dozen security executives started discussing APT. Each of them had a different description of APTs, and opinions ranged from APT being the next frontier of security to it being the next Y2K. Consensus seemed to coalesce around a definition of APT characterized by a wide spectrum of attacks, targeting of particular goals, persistence in finding ways to sustain the compromise, highly resourced attackers, and intentional rather than opportunistic attacks. Most organizations admitted that they were looking to invest in APT-related programs over the next three years.

While most organizations will continue to struggle with separating the real from the hype surrounding APT, I’d suggest considering the following questions when dipping your toes in the murky APT water:

  • How does your organization define APT?
  • How does this APT definition differ from traditional threats?
  • What are the primary drivers for APT-related programs in your organization?
  • How will your current mitigations stand up to your definition of APT?
  • How will APT influence your existing Information Security programs?