Advanced persistent threats: minimising the damage

According to the Office of Cyber Security and Information Assurance, 93% of large corporations and 87% of small businesses reported some form of cyber breach in 2013. 1 Furthermore, a recent Ponemon Institute study found that, in 2013, the average annual cost of cybercrime globally was $7.22m per organisation, representing a 30% increase on the previous year's study. 2 As we move forward with more objects becoming Internet enabled and more services moving online, the cybercrime problem is only likely to worsen. In fact, analyst firm Gartner recently stated that it is becoming impossible to prevent targeted attacks and organisations should instead focus their security spending on monitoring and response techniques. With this in mind, analysts have predicted that, by 2020, 60% of security budgets will be spent on rapid detection and response approaches, up from less than 10% in 2013. 3 Advanced Persistent Threats (APTs) are a growing concern within the security industry, presenting a very real and urgent menace to businesses. These attacks differentiate themselves from other hacking techniques by targeting a specific organisation, for a specific target – often extremely high-value data. However, with an understanding of each stage of an APT's lifecycle, and with the right security analytics solutions in place, the threat can be mitigated, explains Ross Brewer of LogRhythm.