Advanced Persistent Threats

An advanced persistent threat (APT) is a network attack in which an unauthorized person gains
access to a network and stays there undetected for a long period of time. The intention of an APT
attack is to steal data rather than to cause damage to the network or organization.

Associated Controls
DATA MANAGEMENT NETWORK
ARCHITECTURE HARDWARE
USER MANAGEMENT

Defense In depth Asset Register Access Control


Device level hardware
Data integrity Anti-virus/Anti-malware Access Control
BYOD
Data privacy Application layer Employment lifecycle
&Software Controls Management/Policies
Log management
Data retention/disposal Firewalls/security proxy Multi factor authentication
Monitoring
User/management
Data validation Configuration Security awareness
Support Agreements
Digital rights management management & hardening training
awareness
Encryption DLP Segregation of duties
Manipulation controls IPS/IDS User reconciliation
Patch management
Remote access controls
Secure links
Segmentation
Traffic
Management/filtering

Cybercrime

Cybercrime is defined as a crime in which a computer is the object of the crime (hacking, phishing,
spamming) or is used as a tool to commit an offense. Cybercriminals may use computer technology to
access personal information or business trade secrets, or use the internet for exploitative or malicious
purposes.

Associated Controls
DATA MANAGEMENT USER MANAGEMENT
ARCHITECTURE HARDWARE NETWORK SOFTWARE

Access Control
Defense In depth Asset Register Access Control
Access control Inventory Employment lifecycle
Device level hardware BYOD Anti-virus/Anti-
Data integrity management Identity management
&Software Controls Management/Policies malware Secure awareness
Data privacy Multi-factor
Log management Monitoring Application layer
Data retention/disposal Source code authentication
Network infrastructure Retirement / disposal Firewalls/security
Data validation management NDAS / Confidentiality
Perimeter controls lifecycle proxy
User / Management Encryption
Supply chain Authentication agreements /
awareness
Manipulation controls
management DLP deterrent
Support Agreements Encryption policy
Honeypots Security awareness
Network resilience training
Patch management Segregation of duties
Remote access Third-party
controls management
Secure links User reconciliation
Segmentation
Vulnerability scanning

Distributed Denial of Service (DDoS)

A distributed denial-of-service (DDoS) attack is an attack in which multiple compromised computer
systems attack a target, such as a server, website or other network resource, and cause a denial of
service for users of the targeted resource. The flood of incoming messages, connection requests or
malformed packets to the target system forces it to slow down or even crash and shut down, thereby
denying service to legitimate users or systems.

Associated Controls

ARCHITECTURE DATA
NETWORK USER
MANAGEMENT HARDWARE SOFTWARE
MANAGEMENT

Defense In depth
Data integrity Asset Register Application layer Secure code
Endpoint controls Security awareness
Data Monitoring Firewalls/security proxy development
Controls training
retention/disposal Patch management Configuration Secure software
Log management Segregation of
Network Supply chain management & architecture
hardening duties
infrastructure management Secure awareness
Denial of service Third-party
Perimeter controls Testing and Testing
protection management
User/management certification
DLP
awareness
Honeypots
IPS/IDS
Monitoring / correlation
Network resilience
Patch management
Remote access
controls
Segmentation
Traffic
Management/filtering

Insider Threat

An insider threat is a malicious threat to an organization that comes from people within the
organization, such as employees, former employees, contractors or business associates, who have
inside information concerning the organization's security practices, data and computer systems. The
threat may involve fraud, the theft of confidential or commercially valuable information, the theft of
intellectual property, or the sabotage of computer systems.

Associated Controls
DATA USER
ARCHITECTURE MANAGEMENT HARDWARE NETWORK SOFTWARE
MANAGEMENT

Defense In depth Digital rights Access controls on Anti-virus/Anti-malware Access control


Change management Access control
Endpoint controls management device level Authentication Multi-factor
Log management Manipulation controls Asset Register Configuration Authorization
management & authentication
User/management BYOD management Change NDAS /
awareness / policies hardening management
DLP confidentiality/agree
Mobile device Patch management
Monitoring / correlation ments/policy
management Secure code Responsibility
Monitoring (SIEM) development
Patch management management
Secure software Segregation of
Remote access architecture
controls duties
Secure awareness Security awareness
Segmentation
Situational awareness training
Vulnerability scanning Third-party
management
User reconciliation

Malware

Malware, a shortened combination of the words malicious and software, is a catch-all term for any sort
of software designed with malicious intent. That malicious intent is often theft of your private
information or the creation of a backdoor to your computer so someone can gain access to it without
your permission. However, software that does anything that it didn't tell you it was going to do could
be considered malware.

Associated Controls
DATA USER
ARCHITECTURE MANAGEMENT HARDWARE NETWORK SOFTWARE
MANAGEMENT

Defense In depth Data privacy Asset Register Anti-virus/Anti-malware Access control


Application layer Segregation of
Device level Encryption BYOD management Backup / Archival
Firewalls/security proxy duties
hardware &Software / policies Patch management Security awareness
Controls Mobile device Configuration Secure awareness
management & training
Endpoint controls management
Log management Patch management hardening
User/management DLP
awareness IPS/IDS
Network resilience
Patch management
Segmentation
Traffic
Management/filtering
Vulnerability scanning

Cybersecurity Threats & Controls
