HomeSecurity

How to Combat and Recover From APTs

Karen A. Frenkel
By Karen A. Frenkel
Updated on:

How to Combat and Recover From APTs

How to Combat and Recover From APTsHow to Combat and Recover From APTs

Rather than target a mass audience, Advanced Persistent Threats zero in on specific individuals, who, if compromised, can be used to advance the goal of the attack.

Defend the Pre-PerimeterDefend the Pre-Perimeter

Leverage the cloud and use mail filtering and antispam solutions to remove potentially infected emails or attachments before they get to your network. Use Domain Name Services security products that have a real-time database of spoofed and compromised services.

Defend the PerimeterDefend the Perimeter

Conduct penetration testing regularly. Install intrusion detection and intrusion prevention systems over and above standard firewalls. Regularly audit firewall and Security Information and Event Management (SIEM) logs for anomalies.

Defend the Soft InteriorDefend the Soft Interior

Train and educate users about security protocols, implement BYOD and VPN policies, and have C-level executives back policies. Visibly enforce these policies and make sure users are trained for the latest threats.

Harden the Soft InteriorHarden the Soft Interior

Deploy and maintain antivirus, firewall, whitelisting and sandboxing/containerization technologies. Keep software up-to-date through patching.

Encrypt Everything SensitiveEncrypt Everything Sensitive

Encrypt your data at multiple checkpoints. Encrypted data is useless to the cyber-attacker.

Backup, Backup, Backup and Then RestoreBackup, Backup, Backup and Then Restore

Back up using three methods: File backup to off-site storage for organizational recovery. File backup to local storage for immediate volume recovery. File backup to local storage for immediate file recovery. Fully test backups by restoring critical data and verifying the data’s integrity.

Ensure the Principles of Least Privilege ThroughoutEnsure the Principles of Least Privilege Throughout

Domain administrators should not use domain administrator credentials for basic break-fix solutions. All you need is local administration. Rather than run as a system, custom software should have its own system-level account and privileges.

Perform Regular Access AuditsPerform Regular Access Audits

Frequently audit all access control lists. Have you insured that all ex-employee and contractors’ accounts and logins have been disabled or deleted?

Enforce Your Last Line of DefenseEnforce Your Last Line of Defense

There is a critical shortage of skilled and experienced IT security pros. Train system administrators in IT security so that when they accidentally stumble upon an anomaly, they instantly recognize and react to it.

Previous article
How Office Romances Can Disrupt Work
Next article
How IT Plans to Add More Green to Data Centers
Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles

Related Articles

CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need to maintain regulatory compliance for their teams and organizations. CIO Insight is an ideal website for IT decision makers, systems integrators and administrators, and IT managers to stay informed about emerging technologies, software developments and trends in the IT security and management industry.

Advertisers

Advertise with TechnologyAdvice on CIO Insight and our other IT-focused platforms.

Advertise with Us

Menu

Our Brands

Property of TechnologyAdvice.
© 2022 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.