IT Brief New Zealand - Technology news for CIOs & IT decision-makers
New Zealand
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
internet of things
#
work from home
Search
Story image
#
Cybersecurity
#
Physical Security
#
Awareness
Cyber-attacks: 5 things companies should know
Fri, 17th May 2013
FYI, this story is more than a year old
By Staff Writer
Follow us

The advanced persistent threat is waging an all-out attack on enterprises’ intellectual property.

Yet most companies continue to try to protect themselves using approaches that are years out of date.

That is one of the conclusions in Responding to Targeted Cyberattacks, a frank new how-to book published by global IT association ISACA and written by professionals at Ernst & Young LLP.

The threat landscape has progressed from unsophisticated “script kiddies” to hackers to insiders to today’s state-sponsored attacks, where enterprises are attacked because of who they are, what they do and the value of their intellectual property (IP).

“There are no universal solutions to prevent being infiltrated,” sayx James Holley, leader, Ernst & Young LLP’s Information Security Incident Response services.

“If sophisticated and well-funded attackers target a specific environment, they will get in.

"In this rapidly evolving threat landscape, information security professionals need to adopt the mindset that their network is already compromised or soon will be.”

Five things companies should know:

• Advanced threats now target people—people have become your first line of defense.

• Cyberattacks are a business problem and a people problem, not just a technology problem.

• User education and awareness are critical to your success.

• “Prevention” strategies of the past are not enough now – today’s strategy needs to be: “Complicate – Detect – Respond – Educate – Govern.”

• Four emerging capabilities are needed to implement the new strategy for dealing with cyberattacks:

• Centralised log aggregation and correlation; Ability to conduct forensic analysis across the enterprise, ability to sweep the enterprise for indicators of compromise and ability to inspect memory to detect malicious code

The survey of more than 1,500 security professionals found that an overwhelming majority (94%) of respondents believe the APT represents a credible threat to national security and economic stability.

Additionally, 63% think it is only a matter of time before they are attacked and one in five has already experienced an APT attack.

Is this an act of scaremongering or are companies facing serious cyber-security threats? Tell us your thoughts below

Related stories
Gen AI optimism high in ANZ but cybersecurity concerns loom
NetApp 2024 report uncovers 'disrupt or die' era powered by AI
ANZ senior leaders caution over cybersecurity, global figures differ
'Junk gun' ransomware: New low-cost cyber threat targets SMBs
Legit Security announces strategic partnership with GuidePoint Security
Top stories
Starline unveils Remote Plug-In Actuator for safer data centre operations
Auckland ranks fourth in global remote work destinations
Noel Leeming launches tech trade-in scheme across New Zealand
ADLINK unveils high-performance Atom-powered modules for IoT solutions
AVEVA unveils CONNECT, AI-driven industrial intelligence platform