Sponsor: Fireeye

In spite of the best efforts of the cyber security industry to protect computer networks, breaches still happen, causing millions of dollars in damage, tainting the reputation of corporations, and causing end users to lose confidence in the security of their personal information. Given that new reality, it’s not enough for organizations to try to protect their networks from a breach, but to have an effective response plan in place for when a breach occurs anyway.

Today, companies need to conduct a comprehensive response readiness assessment that lays out what steps to take in the event of a breach in order to minimize the damage and recover from the intrusion as quickly as possible.

Physical conflicts increasingly have a cyber element to them. This report highlights how Syrian opposition forces fell victim to a well-executed hacking operation targeting secret communications and plans.

FireEye researchers uncovered these stolen documents as part of our ongoing threat research. Between at least November 2013 and January 2014, the hackers stole a cache of critical documents and Skype conversations revealing the Syrian opposition’s strategy, tactical battle plans, supply needs, and troves of personal information and chat sessions belonging to the men fighting against Syrian President Bashar al-Assad’s forces. While we do not know who conducted this hacking operation, if this data was acquired by Assad’s forces or their allies it could confer a distinct battlefield advantage.

Having some of the world’s most active economies, Asia Pacific countries are more likely to be a target of targeted attacks than the rest of the world. In “Operation Quantum Entanglement”, “Pacific Ring of Fire: PlugX / Kaba” and other FireEye reports, we have highlighted how Northeast Asian countries have been at the centre of advanced attacks. Today, we release a new report “APT 30 and the Mechanics of a Long-Running Cyber Espionage Operation,” which documents about a threat group, APT 30, who has consistently targeted Southeast Asia and India over the past decade.

Protecting against advanced cyber-attacks requires, among other things, that you meet the same level of sophistication as your attackers. Unfortunately, most current security technologies fail to meet that bar, resulting in organizations being breached when they thought they were protected.

A resulting breach can be devastating, leading most organizations to re-evaluate their security program. Critically evaluating your security program in its entirety and looking for the areas it can be improved is a daunting task.

"In spite of the best efforts of the cyber security industry to protect computer networks, breaches still happen, causing millions of dollars in damage, tainting the reputation of corporations, and causing end users to lose confidence in the security of their personal information. Given that new reality, it’s not enough for organizations to try to protect their networks from a breach, but to have an effective response plan in place for when a breach occurs anyway.

Today, companies need to conduct a comprehensive response readiness assessment that lays out what steps to take in the event of a breach in order to minimize the damage and recover from the intrusion as quickly as possible."

It’s not a question of if your organization will be breached. It’s a question of when.

Most attackers remain active in environments for a significant amount of time before being discovered. And only a small percentage of organizations discover the presence of advanced attackers themselves—most need to be informed by law enforcement or a proactive third-party security firm. By then, an attacker could do a great deal of damage.

A compromise assessment answers the all-important question: Have you been breached?

Recent high-profile security breaches, underscore how destructive a breach can be to an organization's reputation and financial stability.
Many of these headline-grabbing targeted attacks are based on monetary profit, political gain, or data theft, and are a result of an active, persistent pursuit with the intent to compromise the target’s infrastructure.
When customer data is stolen, the damage to an organization can be swift – and costly. With awareness of cyber security risks at all-time highs, investments are pouring into security technologies.
But how do you know if you are investing in the right set of security tools and threat intelligence?

M-Trends 2016 provides trends, statistics and case studies to illustrate how advanced threat actors have evolved over the past year.
The annual report was compiled by consultants at Mandiant, a FireEye company, and is based on hundreds of Mandiant incident response investigations in more than 30 industry sectors. It offers recommendations on how organizations can improve the way they prevent, detect, analyze and respond to cyber attacks.

Today's security defenses are failing because, in the battle against cybercrime, security teams are using an outdated arsenal. They rely too heavily on legacy platforms that leverage technology dependent upon signatures—and while these platforms may be good at blocking basic malware that is known and documented, they stand little chance against today's sophisticated, dynamic cyber attacks that occur across multiple vectors and stages.

In this guide for CIOs, CFOs, and CISOs, FireEye provides insight into the cyber security problem facing enterprises and government agencies today.

Transform that vast and noisy queue of mostly false alerts into a small collection of actionable narratives by following FireEye's "Nine Steps to Eliminate Alert Fatigue".

Komplexe Cyberbedrohungen erfordern eine zeitgemäße Sicherheitsstrategie. Unsere herkömmlichen Netzwerk- und Endpunkt-Sicherheitslösungen sind kein Hindernis für die gezielten Angriffe von heute und versagen eindeutig bei deren effektiver Abwehr, Untersuchung und Bekämpfung. Sie benötigen eine Sicherheitsplattform, die die neueste Technologie, die besten Bedrohungsdaten der Branche und das Know-how von Experten kombiniert, die sich auf die Abwehr gewiefter Angreifer spezialisiert haben.

Angreifer umgehen konventionelle Sicherheitssysteme von Unternehmen fast nach Belieben – und das in den wichtigsten Branchen und Wirtschaftsregionen weltweit. Diesen besorgniserregenden Rückschluss lassen neue Daten von mehr als 1.600 Netzwerk- und E-Mail-Sensoren von FireEye zu, die in realen Unternehmensumgebungen zum Einsatz kamen. Anknüpfend an den Bericht „Das Defense-in-Depth-Modell im Praxistest“ vom Mai 2014 vergleichen wir die Ergebnisse der ersten Studie mit Daten, die in den darauffolgenden Monaten erfasst wurden.

In "M-Trends 2014" berichteten wir, dass die Cybersecurity sich von einem Thema, an dem einige wenige IT-Verantwortliche interessiert waren, zu einer der obersten Prioritäten für die Unternehmensleitung entwickelt hatte. In diesem Jahr rückte die Cybersicherheit – oder streng genommen die Cyberunsicherheit – in den Blickpunkt der Öffentlichkeit. Seit Jahresbeginn 2015 wurde das Thema von US-Präsident Obama in seiner Ansprache zur Lage der Nation¹, als Grundlage für einen Hollywood-Film und selbst in einem Gag bei der Verleihung des Golden Globe aufgegriffen.

Sicherheitsteams werden von einer Flut von Warnungen überschwemmt. Sie wissen nicht mehr, welche Warnmeldungen wirklich begründet sind. Dringende Warnungen gehen in der Masse unter. Sicherheitsteams sind verunsichert und können mit begründeten Meldungen nicht mehr umgehen. Das Gefährliche dabei: Die Flut der Warnungen erzeugt ein trügerisches Gefühl von Sicherheit.

Ein wirklich effektiver Schutz ist allerdings keine Frage der Quantität, sondern der Qualität von Warnungen. Das vorliegende Whitepaper erklärt, wie diese Flut von Warnungen zustande kommt, warum sie dem Schutz Ihrer Unternehmenswerte eher ab- als zuträglich ist und wie Sie sie besser bewältigen können.

Les solutions traditionnelles de protection des terminaux et des réseaux sont clairement dépassées. Elles ne font pas le poids face aux attaques ciblées actuelles, tant en termes de prévention que d'investigation et de remédiation. Vous savez que la réponse passe par une solution de sécurité avancée, mais vous peinez à persuader l'équipe de direction et le conseil d'administration d'investir.

Pour trouver les bons arguments, vous devez d'abord vous mettre à leur place. Ce document explique comment :

• Exposer clairement les défis auxquels vous êtes confronté
• Évaluer l'impact sur l'entreprise
• Se projeter au-delà des aspects techniques pour orienter la discussion sur les avantages financiers