Text

Advanced persistent threat: understanding the danger and how to protect your organization

---

Table of Contents

Section I. Understanding the Problem

Chapter 1. The Changing Threat
Introduction
The Current Landscape
Organizations View on Security
You will be Compromised
The Cyber ShopLifter
The New Defense in Depth
Proactive vs Reactive
Loss of Common Sense
It is All About Risk
What Was In Place?
Pain Killer Security
Reducing the Surface Space
HTML Embedded Email
Buffer Overflows
Macros in Office Documents
The Traditional Threat
Common Cold
Reactive Security
Automation
The Emerging Threat
APT—Cyber Cancer
Advanced Persistent Threat (APT)
APT—Stealthy, Targeted, and Data Focused
Characteristics of the APT
Defending Against the APT
APT vs Traditional Threat
Sample APT Attacks
APT Multi-Phased Approach
Summary

Chapter 2. Why are Organizations Being Compromised?
Introduction
Doing Good Things and Doing the Right Things
Security is Not Helpless
Beyond Good or Bad
Attackers are in Your Network
Proactive, Predictive, and Adaptive
Example of How to Win
Data Centric Security
Money Does Not Equal Security
The New Approach to APT
Selling Security to Your Executives
Top Security Trends
Summary

Chapter 3. How are Organizations Being Compromised?
Introduction
What are Attackers After?
Attacker Process
Reconnaissance
Scanning
Exploitation
Create Backdoors
Cover Their Tracks
Compromising a Server
Compromising a Client
Insider Threat
Traditional Security
Firewalls
Dropped Packets
InBound Prevention and OutBound Detection
Intrusion Detection
Summary

Chapter 4. Risk-Based Approach to Security
Introduction
Products vs. Solutions
Learning from the Past
What is Risk?
Focused Security
Formal Risk Model
Insurance Model
Calculating Risk
Summary

Section II. Emerging Trends
Chapter 5. Protecting Your Data
Introduction
Data Discovery
Protected Enclaves
Everything Starts with Your Data
CIA
Data Classification
Encryption
Types of Encryption
Goals of Encryption
Data at Rest
Data at Motion
Encryption—More Than You Bargained For
Network Segmentation and De-Scoping
Encryption Free Zone
Summary

Chapter 6. Prevention is Ideal but Detection is a Must
Introduction
Inbound Prevention
Outbound Detection
Network vs. Host
Making Hard Decisions
Is AV/Host Protection Dead?
Summary

Chapter 7. Incident Response: Respond and Recover
Introduction
The New Rule
Suicidal Mindset
Incident Response
Events/Audit Trails
Sample Incidents
6-Step Process
Forensic Overview
Summary

Chapter 8. Technologies for Success
Introduction
Integrated Approach to APT
How Bad is the Problem?
Trying to Hit a Moving Target
Finding the Needle in the Haystack
Understand What You Have
Identifying APT
Minimizing the Problem
End to End Solution for the APT
Summary

Section III. The Future and How to Win

Chapter 9. The Changing Landscape: Cloud and Mobilization
Introduction
You Cannot Fight the Cloud
Is the Cloud Really New?
What is the Cloud?
Securing the Cloud
Reducing Cloud Computing Risks
Mobilization—BYOD (Bring Your Own Device)
Dealing with Future Technologies
Summary

Chapter 10. Proactive Security and Reputational Ranking
Introduction
Facing Reality
Predicting Attacks to Become Proactive
Changing How You Think About Security
The Problem has Changed
The APT Defendable Network
Summary

Chapter 11. Focusing in on the Right Security
Introduction
What is the Problem That is Being Solved?
If the Offense Knows More Than the Defense You Will Loose
Enhancing User Awareness
Virtualized Sandboxing
Patching
White Listing
Summary

Chapter 12. Implementing Adaptive Security
Introduction
Focusing on the Human
Focusing on the Data
Game Plan
Prioritizing Risks
Key Emerging Technologies
The Critical Controls
Summary

---

Availability

Detail Information

Series Title

--

Call Number

005.8 COL a

Publisher

Massachusetts : Syngress., 2013

Collation

xvi, 290 hal.; ilus.; 24 cm

Language

English

ISBN/ISSN

9781597499491

Classification

005.8

Content Type

-

Media Type

-

Carrier Type

-

Edition

--

Subject(s)

Computer security
Data protection
Computer networks -- Security measures
Computer crimes -- Prevention

Specific Detail Info

--

Statement of Responsibility

Eric Cole

Other version/related

File Attachment

Comments

---

You must be logged in to post a comment