A couple years ago, Bruce Schneier said that against an APT attacker, “the absolute level of your security is what's important. It doesn't matter how secure you are compared to your peers; all that matters is whether you're secure enough to keep him out.” Those words have proven true over and over again. APT attackers don’t move on to the next target as soon as they see your security is a little above average.
In this age, when you have to do everything right to protect your network, it pays to look at what other people do wrong and learn from their mistakes. We are going to do just that in this webinar. Based on public and unpublished APT incidents, I’ve gathered a list of 9 different things that show up repeatedly:
- Allowing open attack surfaces without securing configurations
- Permitting unlocked ports and unfettered device usage
- Failing to use centralized vulnerability remediation
- Allowing untrusted software to execute
- Failing to follow existing security policies/procedures and use at-hand technology consistently
- Permitting open policies for privileged user authority
- Not engaging in consistent end-user security awareness
- Failing to leverage logging and to set up traps
- Permitting Malware beaconing and exfiltration
These are gleaned from real-world scenarios. We’ll look at how the attacks succeeded due in large part to the mistakes made. I’ll discuss from a technical standpoint how each one of these allowed one or more attacks to actually occur.
Many of these points are in the area of endpoint security. Lumension is sponsoring this event and we will show you briefly how Lumension Endpoint Management and Security Suite can help you efficiently control these risks. Learning from other people’s mistakes is a lot less painful than learning from your own, so don’t miss this real-training-for-free session!