本網站使用Cookies 以優化閣下的用戶體驗。繼續瀏覽網頁,以示閣下同意本站使用Cookies。詳情請參閱Cookie政策私隱政策

確定

我們公司

「創新 ‧ 不斷」是中信國際電訊CPC一直秉持的服務理念

中信國際電訊CPC > 關於我們 > 業界專家指出心態調整是應對APT的關鍵 (只限英文版)
更多

2014-12-16

業界專家指出心態調整是應對APT的關鍵 (只限英文版)

媒體報導 @ Computerworld HK

Mindset shift needed to combat APTs says industry panel

Rise in APT sophistication and complex attacks underscore the importance of Assurance as a Service concept.

Advanced persistent threats (APTs) have become the bane of the Internet world. While they are generally categorized as a network attack where an unauthorized person gets the keys to your network, the real danger is that APTs may already be in your network.

To combat APTs is to combat mindsets, said the industry panelists at a panel discussion during an executive luncheon organized by CITIC Telecom CPC and partners. Entitled Unravel the myth of APT: The best way to combat APT attack, the panel discussion noted how APTs have evolved in sophistication while the world wakes up to their potential threat.

APTs become complex, pervasive

Both Daniel Kwong, Senior Vice President, Information Technology & Security Services, CITIC Telecom CPC and Vladimir Yordanov, Sales Engineering Director, APJ, Imperva cited the recent attack by DarkHotel (a.k.a. Tapaoux) as a clear example of APTs’ sophistication. During the incident, hackers selectively targeted executives staying at hotels in what is called as spearphishing attacks, while cracking weak digital signing keys to make their malicious files look legitimate.

“Traditional or legacy security framework will not be enough to cope with today’s APT attacks. Application visibility is most important for understanding your network and to protect the whole security network,” said Marcos Ong, Country Manager, HK & Macau, Palo Alto Networks, adding that this is becoming more important as BYOD and mobile apps become entrenched.

Yordanov noted that emerging trends such as the Internet of Things (IoT) is going to offer more vectors for APT attacks. “When was the last time you scanned your TV or fridge for malware? Besides, all the operating systems for IoT are based on freeware, so Shellshock, Heartbleed and Poodle are all going to be everyone’s concern,” said Yordanov. He also highlighted that the ability to hire hackers or procure hacking tools easily is not helping.

Having a service provider at your side is going to be vital when combating sophisticated and multi-national APT threats. “It is very expensive to run a comprehensive security in-house. This is where a service provider like us, with strong partnerships, helps,” said Kwong. He added that it will be difficult for many companies to take on the deep resources of today’s APT perpetrators, including organized crime, multinational hactivists and governments.

Deploying Assurance as a Service

Kwong further noted that partnerships, like his company’s with Imperva and Palo Alto Networks, bring the concept of Assurance as a Service into reality. It combines Security as a Service, led by CITIC Telecom CPC’s TrustCSITM Managed Security Services, Palo Alto Networks’ managed firewalls and Imperva’s managed Web application security, together with TrustCSITM Information Assessment Service (IAS) and the company’s 24x7, ISO 27001 certified and ITIL-based Security Operations Centers.

“This powerful combination of services and professional expertise can help companies address today’s security challenges. Remember, to effectively combat APTs, it is not about having the right solutions; rather it is about having the right solutions in the right place. This is where we can help,” said Kwong.

Greater goals

Service providers, like CITIC Telecom CPC, also offer more than just better cost rationalization and comprehensive approach to targeting APTs. “Your threat intelligence may be limited to one organization if you are doing it on your own. We are able to gather it from other attacks to ensure your organization is always ready,” he said.

From a legal perspective, partnering with the right service provider makes sense. “We are all now trading on data and the data we hold is more important than any other resources in the organization. So you need to closely look at what security you have in place. In the eyes of the law, the buck will always stop with the collector and user of the data,” said Paul Haswell, Partner with law firm Pinsent Masons.

【Click to download PDF】

產品與服務
專用網絡 信息安全管理 雲端運算方案 雲數據中心 互聯網服務 管理平台 歐洲及CIS方案
解決方案
建築、工程及建造 汽車 銀行及金融 電子商貿 物流及運輸 製造 專業服務 零售 貿易 其他
客戶服務
客戶登錄 客戶服務熱線 服務中心
資源中心
產品單頁 最新優惠 視頻 白皮書 成功案例
關於我們
我們公司 合作夥伴 新聞中心 認証及獎項 成功案例 視頻 聯絡我們 職位招聘 網誌
聯絡我們

一般查詢
886 2 6600 2588

銷售熱線 886 2 6600 2588

聯絡我們

網站地圖 | 免責聲明 | 防止濫用網絡政策 | 私隱政策 | Cookie 政策

Copyright © 中信國際電訊(信息技術)有限公司 CITIC Telecom International CPC Limited

關注我們
亞太區

香港

English 中文(繁) 中文(简)

日本

English

馬來西亞

English 中文(简)

新加坡

English 中文(简)

台灣

English 中文(繁)

歐洲及CIS

荷蘭

English (The Netherlands)

愛沙尼亞

Eesti English (Estonia)

俄羅斯

Русский English (Russia)

中国大陆

English 中文(简)

歡迎來到中信國際電訊CPC

你即將前往我們的網站

請選擇地點:

南非

南美

美國及加拿大

中企通信

亞太區
歐洲及CIS
南非
南美
美國及加拿大
需要幫忙?聯絡CPC聊天機械人
瀏覽器支援:IE11、Firefox、Chrome及Safari 的最新版本
條款及細則
歡迎來到中信國際電訊(信息技術)有限公司。閣下與CPC聊天機器人的對話内容可能會被記錄,以作培訓、質量監控和糾紛處理之用。如閣下點擊「繼續」並使用CPC聊天機器人,即表示閣下接受並同意受本公司之私隱政策約束,並同意本站使用Cookies。詳情請參閱Cookie政策私隱政策
繼續