Description

The newest threat to security has been categorized as the Advanced Persistent Threat or APT. The APT bypasses most of an organization’s current security devices, and is typically carried out by an organized group, such as a foreign nation state or rogue group with both the capability and the intent to persistently and effectively target a specific entity and wreak havoc. Most organizations do not understand how to deal with it and what is needed to protect their network from compromise. In Advanced Persistent Threat: Understanding the Danger and How to Protect your Organization Eric Cole discusses the critical information that readers need to know about APT and how to avoid being a victim.

Advanced Persistent Threat is the first comprehensive manual that discusses how attackers are breaking into systems and what to do to protect and defend against these intrusions.

Key Features

  • How and why organizations are being attacked
  • How to develop a "Risk based Approach to Security"
  • Tools for protecting data and preventing attacks
  • Critical information on how to respond and recover from an intrusion
  • The emerging threat to Cloud based networks

Readership

IT Security Professionals (Security Auditors, Security Engineers, Compliance Specialists, etc.), IT Professionals (Network Administrators, IT Managers, Security Managers, Security Analysts, Directors of Security, etc.)

Table of Contents

Dedication

Author Biography

Preface

Section I. Understanding the Problem

Chapter 1. The Changing Threat

Introduction

The Current Landscape

Organizations View on Security

You will be Compromised

The Cyber ShopLifter

The New Defense in Depth

Proactive vs Reactive

Loss of Common Sense

It is All About Risk

What Was In Place?

Pain Killer Security

Reducing the Surface Space

HTML Embedded Email

Buffer Overflows

Macros in Office Documents

The Traditional Threat

Common Cold

Reactive Security

Automation

The Emerging Threat

APT—Cyber Cancer

Advanced Persistent Threat (APT)

APT—Stealthy, Targeted, and Data Focused

Characteristics of the APT

Defending Against the APT

APT vs Traditional Threat

Sample APT Attacks

APT Multi-Phased Approach

Summary

Chapter 2. Why are Organizations Being Compromised?

Introduction

Doing Good Things and Doing the Right Things

Security is Not Helpless

Beyond Good or Bad

Attackers are in Your Network

Proactive, Predictive, and Adaptive

Example of How to Win

Data Centric Security

Money Does Not Equal Security

The New Approach to APT

Selling Security to Your Executives

Top Security Trends

Summary

Chapter 3. How are Organizations Being Compromised?

Introduction

What are Attackers After?

Attacker Process

Reconnaissance

Scanning

Exploitation

Create Backdoors

Cover Their Tracks

Compromising a Server

Compromising a Client

Insider Threat

Traditional Security

Firewalls

Dropped Packets

InBound Prevention and OutBound Detection

Intrusion Detection<

Details

No. of pages:
320
Language:
English
Copyright:
© 2013
Published:
Imprint:
Syngress
Print ISBN:
9781597499491
Electronic ISBN:
9781597499552

Reviews

"Cole explains why advanced persistence threats are able to bypass security measures on many large computer systems and recommends how to protect an organization's data from these well-organized attackers." --Reference and Research Book News, August 2013

"This book should come in handy to anyone who's tasked with protecting an organization's networks… definitely worth it, as it is clear, concise, and thought provoking." --HelpNetSecurity.com, February 2013