Welcome!

Agile Computing Authors: Elizabeth White, Larry Alton, Liz McMillan, Pat Romanski, Astadia CloudGPS

News Feed Item

Une enquête sur la cybersécurité réalisée par l'ISACA révèle qu'une entreprise sur cinq a subi une attaque APT

Plus d'une personne sur cinq participant à une enquête mondiale sur la cybersécurité , réalisée auprès de plus de 1500 professionnels de la sécurité, déclare que son entreprise a subi une attaque APT (« advanced persistant threat »). D'après l'étude réalisée par l'association TI mondiale ISACA, 94 % déclarent que les APT constituent une menace crédible à la sécurité et à la stabilité économique nationales, et pourtant la plupart des entreprises emploient des technologies inefficaces pour se protéger.

Les APT, une tactique d'espionnage visant à voler la propriété intellectuelle, ont fait les gros titres au cours des dernières années pour avoir porté atteinte à des réseaux commerciaux et gouvernementaux majeurs dans le monde entier. Plus de 60 % des personnes interrogées ont indiqué qu'il n'était qu'une question de temps avant que leur entreprise soit ciblée.

Sensibilisation de l'ISACA aux « advanced persistant threats » : Les résultats de l'étude indiquent que 96 % des personnes interrogées se déclarent un tant soit peu familières avec les APT. Bien que ceci soit positif, 53 % déclarent qu'elles ne pensent pas que les APT diffèrent des menaces traditionnelles—ce qui indique qu'elles sont nombreuses à mal les comprendre.

« Les APT sont sophistiquées, furtives et incessantes », a déclaré Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, vice-président international de l'ISACA et chef de la sécurité des informations d'INTRALOT GROUP. « Les cybermenaces traditionnelles se dissipent souvent si elles ne peuvent pas pénétrer leur cible initiale, mais une APT tente continuellement de pénétrer la cible désirée jusqu'à ce qu'elle atteigne son objectif—et, ceci fait, elle peut se déguiser et se transformer si nécessaire, ce qui la rend difficile à identifier ou à stopper ».

Plus de 60 % des personnes interrogées ont indiqué qu'elles étaient prêtes à se défendre contre les attaques APT. Toutefois, les antivirus et les anti-logiciels espions (95 %) et les technologies de périmètre de réseau telles que les pare-feux (93 %) sont les principaux contrôles utilisés par leurs entreprises pour bloquer les APT—un résultat inquiétant, étant donné que les APT sont connus pour éviter d'être pris par ces types de contrôles. L'étude indique que les contrôles de sécurité mobiles, qui sont plus efficaces, sont utilisés nettement moins fréquemment.

« Les APT exigent de nombreuses approches défensives, d'une formation de sensibilisation et d'une modification des accords tiers assurant la protection des fournisseurs, à la mise en œuvre de contrôles techniques », a ajouté Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, directeur de l'ISACA et directeur de la sécurité des informations et de l'assurance TI chez BRM Holdich.

L'enquête a également révélé que :

  • 90 % des personnes interrogées considèrent que l'utilisation de sites de réseautage sociaux augmente la probabilité d'une attaque APT concluante.
  • 87 % considèrent que BYOD (« apportez votre propre matériel ») , combiné à l'enracinement ou au déverrouillage de l'appareil, augmentent la probabilité d'une attaque APT concluante.
  • Plus de 80 % déclarent que leurs entreprises n'ont pas actualisé leurs accords de fournisseurs pour se protéger contre les APT.

« Nous ne sommes qu'en février et déjà nous pouvons proclamer 2013 l'année du piratage », a confié quant à lui Tom Kellermann, CISM, conseiller de confiance auprès du gouvernement des États-Unis et vice-président en charge de la cybersécurité chez Trend Micro. « La recherche de l'ISACA révèle que les entreprises sont attaquées et ne le réalisent même pas. Il est nécessaire d'intégrer cette sensibilisation au programme d'études des professionnels de la sécurité pour leur permettre d'élaborer la défense personnalisée dont ils ont besoin pour combattre ces attaques ciblées ».

L'étude ISACA, parrainée par Trend Micro, peut être téléchargée gratuitement sur www.isaca.org/cybersecurity.

À propos de l’ISACA

L'ISACA, qui compte 100 000 membres à l'échelle mondiale, (www.isaca.org) aide les entreprises à inspirer confiance en leurs informations et leurs systèmes, et à en tirer de la valeur. Fondée en 1969, l’ISACA atteste des compétences et des connaissances en technologies de l’information en octroyant les certifications CISA, CISM, CGEIT et CRISC. ISACA a développé le cadre COBIT, qui aide les entreprises à gérer et à gouverner leurs informations et leur technologie.

Twitter : https://twitter.com/ISACANews

Le texte du communiqué issu d’une traduction ne doit d’aucune manière être considéré comme officiel. La seule version du communiqué qui fasse foi est celle du communiqué dans sa langue d’origine. La traduction devra toujours être confrontée au texte source, qui fera jurisprudence.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
SYS-CON Events announced today that Massive Networks, that helps your business operate seamlessly with fast, reliable, and secure internet and network solutions, has been named "Exhibitor" of SYS-CON's 21st International Cloud Expo ®, which will take place on Oct 31 - Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. As a premier telecommunications provider, Massive Networks is headquartered out of Louisville, Colorado. With years of experience under their belt, their team of...
SYS-CON Events announced today that Fusic will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Fusic Co. provides mocks as virtual IoT devices. You can customize mocks, and get any amount of data at any time in your test. For more information, visit https://fusic.co.jp/english/.
SYS-CON Events announced today that MIRAI Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. MIRAI Inc. are IT consultants from the public sector whose mission is to solve social issues by technology and innovation and to create a meaningful future for people.
SYS-CON Events announced today that Enroute Lab will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enroute Lab is an industrial design, research and development company of unmanned robotic vehicle system. For more information, please visit http://elab.co.jp/.
SYS-CON Events announced today that Mobile Create USA will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Mobile Create USA Inc. is an MVNO-based business model that uses portable communication devices and cellular-based infrastructure in the development, sales, operation and mobile communications systems incorporating GPS capabi...
SYS-CON Events announced today that Keisoku Research Consultant Co. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Keisoku Research Consultant, Co. offers research and consulting in a wide range of civil engineering-related fields from information construction to preservation of cultural properties. For more information, vi...
There is huge complexity in implementing a successful digital business that requires efficient on-premise and cloud back-end infrastructure, IT and Internet of Things (IoT) data, analytics, Machine Learning, Artificial Intelligence (AI) and Digital Applications. In the data center alone, there are physical and virtual infrastructures, multiple operating systems, multiple applications and new and emerging business and technological paradigms such as cloud computing and XaaS. And then there are pe...
SYS-CON Events announced today that Interface Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Interface Corporation is a company developing, manufacturing and marketing high quality and wide variety of industrial computers and interface modules such as PCIs and PCI express. For more information, visit http://www.i...
SYS-CON Events announced today that SIGMA Corporation will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. uLaser flow inspection device from the Japanese top share to Global Standard! Then, make the best use of data to flip to next page. For more information, visit http://www.sigma-k.co.jp/en/.
SYS-CON Events announced today that B2Cloud will exhibit at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. B2Cloud specializes in IoT devices for preventive and predictive maintenance in any kind of equipment retrieving data like Energy consumption, working time, temperature, humidity, pressure, etc.
Agile has finally jumped the technology shark, expanding outside the software world. Enterprises are now increasingly adopting Agile practices across their organizations in order to successfully navigate the disruptive waters that threaten to drown them. In our quest for establishing change as a core competency in our organizations, this business-centric notion of Agile is an essential component of Agile Digital Transformation. In the years since the publication of the Agile Manifesto, the conn...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, will discuss how data centers of the future will be managed, how th...
SYS-CON Events announced today that NetApp has been named “Bronze Sponsor” of SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. NetApp is the data authority for hybrid cloud. NetApp provides a full range of hybrid cloud data services that simplify management of applications and data across cloud and on-premises environments to accelerate digital transformation. Together with their partners, NetApp em...
SYS-CON Events announced today that Nihon Micron will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Nihon Micron Co., Ltd. strives for technological innovation to establish high-density, high-precision processing technology for providing printed circuit board and metal mount RFID tags used for communication devices. For more inf...
SYS-CON Events announced today that Suzuki Inc. will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Suzuki Inc. is a semiconductor-related business, including sales of consuming parts, parts repair, and maintenance for semiconductor manufacturing machines, etc. It is also a health care business providing experimental research for...
SYS-CON Events announced today that Ryobi Systems will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Ryobi Systems Co., Ltd., as an information service company, specialized in business support for local governments and medical industry. We are challenging to achive the precision farming with AI. For more information, visit http:...
SYS-CON Events announced today that Daiya Industry will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Daiya Industry specializes in orthotic support systems and assistive devices with pneumatic artificial muscles in order to contribute to an extended healthy life expectancy. For more information, please visit https://www.daiyak...
In his session at @ThingsExpo, Greg Gorman is the Director, IoT Developer Ecosystem, Watson IoT, will provide a short tutorial on Node-RED, a Node.js-based programming tool for wiring together hardware devices, APIs and online services in new and interesting ways. It provides a browser-based editor that makes it easy to wire together flows using a wide range of nodes in the palette that can be deployed to its runtime in a single-click. There is a large library of contributed nodes that help so...
SYS-CON Events announced today that mruby Forum will exhibit at the Japan External Trade Organization (JETRO) Pavilion at SYS-CON's 21st International Cloud Expo®, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. mruby is the lightweight implementation of the Ruby language. We introduce mruby and the mruby IoT framework that enhances development productivity. For more information, visit http://forum.mruby.org/.
SYS-CON Events announced today that N3N will exhibit at SYS-CON's @ThingsExpo, which will take place on Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. N3N’s solutions increase the effectiveness of operations and control centers, increase the value of IoT investments, and facilitate real-time operational decision making. N3N enables operations teams with a four dimensional digital “big board” that consolidates real-time live video feeds alongside IoT sensor data a...