Case Study: Using Security Awareness to Combat the Advanced Persistent Threat

Author:
Allen M. Smith, Nancy Y. Toppel
File Size:
378.19 kB
Date:
01 July 2009
Downloads:
3756 x

United States (U.S.) government agencies and defense contractors are the target of extremely complex foreign state-sponsored cyber attacks referred to as the “advanced persistent threat.” These attacks are intended to steal sensitive information, such as national defense, research and development, and personal information. While the techniques for information gathering to determine targets (both information assets and people) may be complex, a common method used for infiltrating networks is simple social engineering. Technical controls may be used to tighten access controls but are not the total solution. Changing employee behavior through security awareness is required.

Case Study: Using Security Awareness to Combat the Advanced Persistent Threat