Cyber attacks and APTs are complex. There are technical complexities, business issues, risks, potential impacts and many other factors that need to be considered when constructing a strategy to mitigate attacks and improve protection of the organisation. We aim to simplify this process and ensure the client is well-informed about the threat, the threat actor, the data assets most at risk, why the organisation is being targeted, the weaknesses in its network that are allowing attackers to compromise systems, and what all of this means to the business. The answers will be different for each engagement, but it is vital they are understood if the organisation is to move towards Business as Usual.
To truly understand the attack against the network, we believe there are three areas which must be addressed. First, the Threat – who is attacking the organisation and how are they doing it? Next, the Risk – what does the client stand to lose and how can they identify and reduce the risks that could lead to data loss? Last, Change Cultures – how can the client work within their organisation to change attitudes and perceptions around IT security?