APT distracting us from real vulnerabilities

CIOL Bureau

MUMBAI, INDIA: Advanced security threats are increasing, but simply adding more layers of defense does not necessarily increase security against targeted threats; security controls need to evolve, according to Gartner, Inc.

"Targeted attacks are penetrating standard levels of security controls and causing significant business damage to enterprises that do not evolve their security controls," said John Pescatore, vice president and distinguished analyst at Gartner. "For the average enterprise, four per cent to eight per cent of executables that pass through antivirus and other common defenses are malicious. Enterprises need to focus on reducing vulnerabilities and increasing monitoring capabilities to deter or more quickly react to evolving threats. There are existing security technologies that can greatly reduce vulnerability to targeted attacks."

Gartner analysts said the term "advanced persistent threat" (APT) has been overhyped and is distracting organizations from a very real problem. APT was coined by the military to refer to a specific threat from another country. It was expanded to include other aggressive nation states, but has been co-opted by the media and by security vendors to hype the source of an attack, which distracts from the real issue – focusing on the vulnerabilities that the attackers are exploiting.

"The reality is that the most important issues are the vulnerabilities and the techniques used to exploit them, not the country that appears to be the source of the attack," Pescatore said. "The major advance in new threats has been the level of tailoring and targeting – these are not noisy, mass attacks that are easily handled by simple, signature-dependent security approaches."