Dissemination Trap vs. Implementation

Friday, September 10, 2010

Katie Weaver-Johnson


Dennis McCafferty of CIO Insight recently did a two-part overview on Enterprise Security Risks, and in part 2 he talked about the hottest security catch phrase of 2010 – Advanced Persistent Threat (APT).

According to the overview, an Advanced Persistent Threat is an insidious attack by a well-funded, state-sponsored intelligence organization.  The overview goes on to describe how APT attackers are more patient than a bored Gen Y hacker or financially motivated crook.

They are willing to slowly gather information and data from multiple sources and social media sites and then execute a targeted, social-engineering attack on their terms.

Are the bad guys out-thinking the good guys... again? Yes, but if the good guys were paying attention to lessons learned, they would know the key to defeating the APT risk (and numerous other escalating risks) is not falling into the dissemination trap.

Most organizations fall victim to the dissemination trap because they are simply disseminating policies, procedures, general training, best practices, regulatory requirements, etc. using binders, e-mails, memos, intranets, portals and shared drives.

The article correctly points out that every employee and endpoint is a potential point of entry, yet organizations and their leaders continue to believe that dissemination of documents and general training is enough.

The bad guys know this too, which is why APT and thousands of other risks and new attacks target your employees, contractors, vendors, consultants, temps, etc.

Implementation is not dissemination. Implementation is building environments of security awareness, situational awareness, risk awareness, accountability, compliance, preparedness, legal defensibility, trust and more, and it must be maintained on an ongoing basis to keep up with the bad guys.

Are you keeping up or falling into the dissemination trap?

The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.