Security professionals are concerned about sophisticated cyber attacks

Today, ESG published a new research report on Advanced Persistent Threats (APTs) and what U.S.-based enterprise organizations (i.e., more than 1,000 employees) are doing about them. ESG also used some of the research data to create a scoring system, which we used to segment the market into three types of organizational profiles: most prepared for APTs (21%), somewhat prepared for APTs (43%), and poorly prepared for APTs (36%). This segmentation model provides a lot of insight on APT best practices, security strategies, and security vulnerabilities. I’ll be blogging about this for a while, but there are also some details on the report at: http://www.enterprisestrategygroup.com/2011/11/apt/?utm_source=Homepage&utm_medium=Slideshow&utm_campaign=aptrr

When we started this project there was a fair amount of debate about APTs. Was this type of attack real and unique, or were “APTs” nothing more than a marketing term to add an alarming label to pedestrian types of cyber attacks? One of my contacts in Washington told me that many Senators were actually dismissing APTs as hype created by the “cyber industrial complex.”

To find out whether APTs were indeed real, ESG surveyed 244 enterprise security professionals. Survey respondents were provided with the NIST definition of APTs and were then asked a number of questions about APTs with this definition as a baseline. ESG only surveyed security professionals who were familiar with APTs and had security management authority at their organizations.

So is APT just a marketing term? Not according to those with the most knowledge about cyber security. Half of the security professionals surveyed believe that APTs are a unique type of threat, while 48% believed that they are “somewhat unique” but share some similarities with past attacks (only 2% said APTs are not unique). Alarmingly, 85% of the organizations “most prepared for APTs” said that APTs are a unique type of threat.
This is consistent with several conversations I’ve had with CISOs. Most said that they didn’t think that APTs were anything new until they were attacked. As they watched APT attacks unfold, they were blown away by how they adapted, moved around the network, rooted themselves in systems, and used sophisticated (and often homegrown) innovation to fool security tools and remain stealthy.

If organizations possessing the most experience with APTs believe they represent a unique type of threat, shouldn’t we pay attention?