The Cyber Landscape
“The cyberattack that crippled Sony…would have slipped or probably got past 90% of internet defenses that are out there today in private industry and would have challenged even state government.”
Joe Demarest, Assistant Director, Cyber Division, FBI
The traditional landscape of cyber governance is shifting. Gone are the days of reliance on signature-based platforms and “patch” modalities that can be effective at blocking known malware but fail to halt the thousands of unknown threats seeking to penetrate a company’s shrinking peripheral line of defense.
Welcome to the new age of zero-day and targeted advanced persistent threat (APT) attacks, where nation states, criminal organizations and hacktivists have so disrupted the world’s digitized ecosystem that top intelligence officials from the FBI, NSA and CIA recently disclosed cyber attacks have eclipsed terrorism as our #1 national security threat.
In 2014 alone there were 42.8 million reported attacks on global companies of divergent size that cost the world economy $445 billion, representing a 48% upswing from the previous year. And despite a record $71.1 billion spent on cyber security in 2014, with data-loss-prevention expenditures up 18.9%, the number of cyber attacks continue to burgeon at an alarming rate. It is now evident from the devastating breaches at Anthem, OPM, Home Depot, Target, Sony and JP Morgan Chase that in the global battle against cyber crime, not even the industry titans are immune, and in fact most security defenses are failing fast.
But despite the alarming statistics, there is a way for organizations to reduce their attack surface and manage their risk. Intrench has developed a time-tested methodology similar to what is used in the government sector. This approach relies on balancing people, processes and technology.
Advanced Persistent Threats
The tools, techniques and procedures (TTP) normally associated with APTs were commonly reserved for governments waging covert cyber-warfare on one another. However, these same techniques are now used by criminals to gain a foothold in organizations with the the sole purpose of monetizing stolen data.
Cyber Security Awareness
There are many ways a cyber attacker can compromise our data and identities online.
days is the average time it takes to detect a data breach