CW+ Premium Content/Computer Weekly

Thank you for joining!
Access your Pro+ Content below.
27 August 2013

Attackers are in the network, now what?

A growing number of security experts say the traditional model of a secure network perimeter is no longer meaningful and that companies should assume outsiders are already on the corporate network. Adversaries have shown in recent months that they are quite capable of stealing credentials to authenticate and access systems containing sensitive data. It is now only reasonable to assume that attackers are inside your network, that they can disguise themselves, and they can get close to sensitive information. But what does this mean in terms of a defence strategy? How can organisations defend against malicious insiders and outsiders who have wormed their way inside the corporate network? For a start, industry experts recommend doing whatever is possible to slow down attackers to buy time to identify potentially malicious behaviour and respond to it. It is essential to have the necessary monitoring systems and risk assessment systems in place that can identify and respond to suspicious behaviour or at least alert the IT security ...

Features in this issue