Chapter 1

What Is Advanced Persistent Security?

Abstract

The Sony hack is iconic in many ways. The attack devastated the organization, yet many chief information security officers (CISOs) defend Sony, saying that the attack was inevitable. We, however, believe that although the attackers might inevitably have been able to gain access, that does not mean the damage was inevitable.

Protection might inevitably fail, but if that failure is detected and the appropriate reaction is then implemented, the security program will not fail. Security is a program of combined protection, detection, and reaction. Although we do advocate Defense in Depth, it needs to be combined with detection and reaction strategies.

Keywords

Advanced persistent threat; ...
