InfoWorld: 6 lessons learned about the scariest security threats

/Home/Internet Security: Articles/Internet Security: InfoWorld/InfoWorld: Security

These hard-earned lessons of a longtime IT security pro may save you from the fallout of advanced persistent threats

By Roger A. Grimes
FEBRUARY 24, 2014

Advanced persistent threats have garnered a lot of attention of late, deservedly so. APTs are arguably the most dangerous security concern for business organizations today, given their targeted nature.

An APT attack is typically launched by a professional organization based in a different country than the victim organization, thereby complicating law enforcement. These hacking organizations are often broken into specialized teams that work together to infiltrate corporate networks and systems and extract as much valuable information as possible. Illegally hacking other companies is their day job. And most are very good at it.

By all expert opinion, APTs have compromised the information infrastructure of any relevant company. The question isn't whether you've been compromised by an APT, but whether you've noticed it.

I've been helping companies fight and prevent APTs for nearly a decade. In that time I've amassed my share of war stories from the IT security trenches. Here are some of the better real-life tales, not just for the chase, but for the lessons learned.

Click the URL above to read the full article