RSA urges Security leaders to confront the new class threat

RSA, The Security Division of EMC has released a new report that takes an in-depth look at the seismic shift in the cyber threat landscape, as enterprises are increasingly targeted for corporate espionage and sabotage.  The report, the latest in a series from the Security for Business Innovation Council (SBIC), asserts that for most organizations, it's a matter of when, not if, they will be targeted by advanced threats.  The report includes instructive guidance from 16 global security leaders for confronting this new class of threat. 

The report reveals that APTs - a menace once confined to the defense industrial base and government agencies - are now targeting a broad range of private sector organizations to nab valuable intellectual property, trade secrets, corporate plans, access to operations and other proprietary data. 

"It is a very intelligent, well-armed, and effective foe that is fantastic at what they do," said Roland Cloutier, Vice President, Chief Security Officer, Automatic Data Processing, Inc. and member of the SBIC. "It's going to take a new approach in most enterprises to combat it." 

The term APT originated to describe cyber espionage in which a nation-state gains access to a network to, over long periods of time, extract national security data.  Today the term APT has broadened as attackers expand their target lists and nation-states are no longer the only groups deploying these sophisticated techniques.  Rather than gain entry through the network perimeter, today's ambitious attackers prefer to target human vulnerabilities, exploiting end users through social engineering techniques and spear phishing. 

"Cyber criminals have aggressively shifted their targets and tactics," said Art Coviello, Executive Chairman, RSA, The Security Division of EMC.  "In the never-ending war for control of the network, the battle must be fought on many different fronts. All organizations are part of the greater ecosystem of information exchange and it is everyone's responsibility to build and protect that exchange." 

This latest report from the SBIC urges organizations to adopt a new security mindset, shifting the concept of success from preventing infiltration to detecting attacks and mitigating damage as quickly as possible.  The report released is the eighth in the series.  RSA expects to publish more original Council reports over the coming months.