本网站使用Cookies 以优化阁下的用户体验。继续浏览网页,以示阁下同意本站使用Cookies。详情请参阅Cookie政策私隐政策

确定

我们公司

「创新 ‧ 不断」是中信国际电讯CPC一直秉持的服务理念

中信国际电讯CPC > 关于我们 > 业界专家指出心态调整是应对APT的关键 (只限英文版)
更多

2014-12-16

业界专家指出心态调整是应对APT的关键 (只限英文版) 下载 PDF

媒体报道 @ Computerworld HK

Mindset shift needed to combat APTs says industry panel

Rise in APT sophistication and complex attacks underscore the importance of Assurance as a Service concept.

Advanced persistent threats (APTs) have become the bane of the Internet world. While they are generally categorized as a network attack where an unauthorized person gets the keys to your network, the real danger is that APTs may already be in your network.

To combat APTs is to combat mindsets, said the industry panelists at a panel discussion during an executive luncheon organized by CITIC Telecom CPC and partners. Entitled Unravel the myth of APT: The best way to combat APT attack, the panel discussion noted how APTs have evolved in sophistication while the world wakes up to their potential threat.

APTs become complex, pervasive

Both Daniel Kwong, Senior Vice President, Information Technology & Security Services, CITIC Telecom CPC and Vladimir Yordanov, Sales Engineering Director, APJ, Imperva cited the recent attack by DarkHotel (a.k.a. Tapaoux) as a clear example of APTs’ sophistication. During the incident, hackers selectively targeted executives staying at hotels in what is called as spearphishing attacks, while cracking weak digital signing keys to make their malicious files look legitimate.

“Traditional or legacy security framework will not be enough to cope with today’s APT attacks. Application visibility is most important for understanding your network and to protect the whole security network,” said Marcos Ong, Country Manager, HK & Macau, Palo Alto Networks, adding that this is becoming more important as BYOD and mobile apps become entrenched.

Yordanov noted that emerging trends such as the Internet of Things (IoT) is going to offer more vectors for APT attacks. “When was the last time you scanned your TV or fridge for malware? Besides, all the operating systems for IoT are based on freeware, so Shellshock, Heartbleed and Poodle are all going to be everyone’s concern,” said Yordanov. He also highlighted that the ability to hire hackers or procure hacking tools easily is not helping.

Having a service provider at your side is going to be vital when combating sophisticated and multi-national APT threats. “It is very expensive to run a comprehensive security in-house. This is where a service provider like us, with strong partnerships, helps,” said Kwong. He added that it will be difficult for many companies to take on the deep resources of today’s APT perpetrators, including organized crime, multinational hactivists and governments.

Deploying Assurance as a Service

Kwong further noted that partnerships, like his company’s with Imperva and Palo Alto Networks, bring the concept of Assurance as a Service into reality. It combines Security as a Service, led by CITIC Telecom CPC’s TrustCSITM Managed Security Services, Palo Alto Networks’ managed firewalls and Imperva’s managed Web application security, together with TrustCSITM Information Assessment Service (IAS) and the company’s 24x7, ISO 27001 certified and ITIL-based Security Operations Centers.

“This powerful combination of services and professional expertise can help companies address today’s security challenges. Remember, to effectively combat APTs, it is not about having the right solutions; rather it is about having the right solutions in the right place. This is where we can help,” said Kwong.

Greater goals

Service providers, like CITIC Telecom CPC, also offer more than just better cost rationalization and comprehensive approach to targeting APTs. “Your threat intelligence may be limited to one organization if you are doing it on your own. We are able to gather it from other attacks to ensure your organization is always ready,” he said.

From a legal perspective, partnering with the right service provider makes sense. “We are all now trading on data and the data we hold is more important than any other resources in the organization. So you need to closely look at what security you have in place. In the eyes of the law, the buck will always stop with the collector and user of the data,” said Paul Haswell, Partner with law firm Pinsent Masons.

【Click to download PDF】

产品与服务
专用网络 信息安全管理 云端运算方案 云数据中心 互联网服务 管理服务 欧洲及CIS方案
解决方案
建筑、工程及建造 汽车 银行及金融 电子商贸 物流及运输 制造 专业服务 零售 贸易 其他
客户服务
客户登录 客户服务热线 服务中心 客户约章
资源中心
产品单页 最新优惠 视频 白皮书 成功案例
关于我们
我们公司 合作伙伴 新闻中心 认证及奖项 成功案例 视频 联系我们 职位招聘 网志 COVID-19
Contact Us

Contact Us

General Enquiry 852 2170 7101

Sales Hotline 852 2170 7401

Contact Us

Follow Us

网站地图 | 免责声明 | 防止盗用网络政策 | 私隐政策 | Cookie 政策 | Terms & Conditions

中信集团品牌认证 | 中信云赋能
Copyright © 中信国际电讯(信息技术)有限公司 CITIC Telecom International CPC Limited

Follow Us

Welcome to CITIC Telecom CPC

You are about to visit our website

Please choose a location:

South Africa

South America

US & Canada

China Entercom

Asia Pacific
Europe & CIS
South Africa
South America
US & Canada
Need help? Chat with CPC Chatbot
Supported browsers: Latest versions of IE11, Firefox, Chrome and Safari.
Terms & Conditions
Welcome to CITIC Telecom International CPC Limited. Your conversation with CPC Chatbot may be recorded for training, quality control and dispute handling purposes. By clicking “Continue” and using CPC Chatbot, you accept and agree to be bound by our Privacy Policy and give your consent to receive cookies on this site. Read more about our Cookie Policy and Privacy Policy.
Continue