Six Controls to Defend Against Advanced Persistent Threats (APT)
Currently, no single control can detect and defend against APT attacks, so layered controls are necessary. Below are my top six controls to stay ahead of APTs:
- Deploy devices and software products capable of detecting and/or blocking anomalous activity at the host and network levels.
- Implement an application control or whitelisting software product that will allow only “whitelisted” applications on specific systems.
- Monitor, monitor and monitor some more.
- Tirelessly patch systems.
- Block unnecessary egress traffic by default.
- Relentlessly train employees on social engineering techniques to limit their participation in cybercriminal advances.
To read the full article by Mark Faske of CoNetrix, first published in the October 2015 issue of The Nebraska Banker, visit www.conetrix.com/Articles/defend-against-advanced-persistent-threats-apt