— By Ed Kanerva, vice president, Booz Allen Hamilton
The ever-expanding sophistication, ubiquity and distribution of Advanced Persistent Threats — well-planned, targeted hacking attacks on computer networks — put a lot of pressure on those individuals tasked with maintaining network security within their organizations.
When adversaries have a seemingly endless supply of time, tactics, techniques, procedures, tools and opportunities with which to penetrate networks, it can be tempting to link the problem with the solution. That is, network intrusion is a technology problem, so the solution must be solely technological, too.
It’s understandable to think that, and if you did, you’d be right — but only half right. And being half right in network security is a bad place to be. The simple fact is this: The more reliant on technology we are, the more we must turn to human solutions to protect that technology — and that’s never truer than in managing APTs.
Organizations need to make certain their approach to network security is underpinned by a set of core elements (and while they all relate to technology, none of them is a piece of hardware or software). They are as follows: