There is a common plot line that underlies most of the breach stories in the news. Software written by bad guys gets into places on the corporate network where it shouldn’t be. It looks around, finds vulnerable systems, grabs valuable data and transmits it off the network. The term most commonly used to describe this behavior is Advanced Persistent Threat (APT).
“Besides the APTs themselves, some of the big risks security professionals face today are the things that enable these sophisticated attacks in the first place,” says Dave Frymier, Chief Information Security Officer at Unisys. “Much has been made of the extent to which the traditional corporate network perimeter has been made porous by such things as the consumerization of IT and the advent of BYOD and BYO-app – either sanctioned or not. Also, the corporate belt-tightening that happened as a result of the financial shocks in the last 10 years have left plenty of skeletons in the digital closet.” Those include: