Welcome!

Agile Computing Authors: Pat Romanski, Liz McMillan, Corey Roth, Elizabeth White, Yeshim Deniz

News Feed Item

Une enquête sur la cybersécurité réalisée par l'ISACA révèle qu'une entreprise sur cinq a subi une attaque APT

Plus d'une personne sur cinq participant à une enquête mondiale sur la cybersécurité , réalisée auprès de plus de 1500 professionnels de la sécurité, déclare que son entreprise a subi une attaque APT (« advanced persistant threat »). D'après l'étude réalisée par l'association TI mondiale ISACA, 94 % déclarent que les APT constituent une menace crédible à la sécurité et à la stabilité économique nationales, et pourtant la plupart des entreprises emploient des technologies inefficaces pour se protéger.

Les APT, une tactique d'espionnage visant à voler la propriété intellectuelle, ont fait les gros titres au cours des dernières années pour avoir porté atteinte à des réseaux commerciaux et gouvernementaux majeurs dans le monde entier. Plus de 60 % des personnes interrogées ont indiqué qu'il n'était qu'une question de temps avant que leur entreprise soit ciblée.

Sensibilisation de l'ISACA aux « advanced persistant threats » : Les résultats de l'étude indiquent que 96 % des personnes interrogées se déclarent un tant soit peu familières avec les APT. Bien que ceci soit positif, 53 % déclarent qu'elles ne pensent pas que les APT diffèrent des menaces traditionnelles—ce qui indique qu'elles sont nombreuses à mal les comprendre.

« Les APT sont sophistiquées, furtives et incessantes », a déclaré Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, vice-président international de l'ISACA et chef de la sécurité des informations d'INTRALOT GROUP. « Les cybermenaces traditionnelles se dissipent souvent si elles ne peuvent pas pénétrer leur cible initiale, mais une APT tente continuellement de pénétrer la cible désirée jusqu'à ce qu'elle atteigne son objectif—et, ceci fait, elle peut se déguiser et se transformer si nécessaire, ce qui la rend difficile à identifier ou à stopper ».

Plus de 60 % des personnes interrogées ont indiqué qu'elles étaient prêtes à se défendre contre les attaques APT. Toutefois, les antivirus et les anti-logiciels espions (95 %) et les technologies de périmètre de réseau telles que les pare-feux (93 %) sont les principaux contrôles utilisés par leurs entreprises pour bloquer les APT—un résultat inquiétant, étant donné que les APT sont connus pour éviter d'être pris par ces types de contrôles. L'étude indique que les contrôles de sécurité mobiles, qui sont plus efficaces, sont utilisés nettement moins fréquemment.

« Les APT exigent de nombreuses approches défensives, d'une formation de sensibilisation et d'une modification des accords tiers assurant la protection des fournisseurs, à la mise en œuvre de contrôles techniques », a ajouté Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, directeur de l'ISACA et directeur de la sécurité des informations et de l'assurance TI chez BRM Holdich.

L'enquête a également révélé que :

  • 90 % des personnes interrogées considèrent que l'utilisation de sites de réseautage sociaux augmente la probabilité d'une attaque APT concluante.
  • 87 % considèrent que BYOD (« apportez votre propre matériel ») , combiné à l'enracinement ou au déverrouillage de l'appareil, augmentent la probabilité d'une attaque APT concluante.
  • Plus de 80 % déclarent que leurs entreprises n'ont pas actualisé leurs accords de fournisseurs pour se protéger contre les APT.

« Nous ne sommes qu'en février et déjà nous pouvons proclamer 2013 l'année du piratage », a confié quant à lui Tom Kellermann, CISM, conseiller de confiance auprès du gouvernement des États-Unis et vice-président en charge de la cybersécurité chez Trend Micro. « La recherche de l'ISACA révèle que les entreprises sont attaquées et ne le réalisent même pas. Il est nécessaire d'intégrer cette sensibilisation au programme d'études des professionnels de la sécurité pour leur permettre d'élaborer la défense personnalisée dont ils ont besoin pour combattre ces attaques ciblées ».

L'étude ISACA, parrainée par Trend Micro, peut être téléchargée gratuitement sur www.isaca.org/cybersecurity.

À propos de l’ISACA

L'ISACA, qui compte 100 000 membres à l'échelle mondiale, (www.isaca.org) aide les entreprises à inspirer confiance en leurs informations et leurs systèmes, et à en tirer de la valeur. Fondée en 1969, l’ISACA atteste des compétences et des connaissances en technologies de l’information en octroyant les certifications CISA, CISM, CGEIT et CRISC. ISACA a développé le cadre COBIT, qui aide les entreprises à gérer et à gouverner leurs informations et leur technologie.

Twitter : https://twitter.com/ISACANews

Le texte du communiqué issu d’une traduction ne doit d’aucune manière être considéré comme officiel. La seule version du communiqué qui fasse foi est celle du communiqué dans sa langue d’origine. La traduction devra toujours être confrontée au texte source, qui fera jurisprudence.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
IoT is at the core or many Digital Transformation initiatives with the goal of re-inventing a company's business model. We all agree that collecting relevant IoT data will result in massive amounts of data needing to be stored. However, with the rapid development of IoT devices and ongoing business model transformation, we are not able to predict the volume and growth of IoT data. And with the lack of IoT history, traditional methods of IT and infrastructure planning based on the past do not app...
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
IoT is rapidly becoming mainstream as more and more investments are made into the platforms and technology. As this movement continues to expand and gain momentum it creates a massive wall of noise that can be difficult to sift through. Unfortunately, this inevitably makes IoT less approachable for people to get started with and can hamper efforts to integrate this key technology into your own portfolio. There are so many connected products already in place today with many hundreds more on the h...
More and more brands have jumped on the IoT bandwagon. We have an excess of wearables – activity trackers, smartwatches, smart glasses and sneakers, and more that track seemingly endless datapoints. However, most consumers have no idea what “IoT” means. Creating more wearables that track data shouldn't be the aim of brands; delivering meaningful, tangible relevance to their users should be. We're in a period in which the IoT pendulum is still swinging. Initially, it swung toward "smart for smart...
DXWorldEXPO LLC, the producer of the world's most influential technology conferences and trade shows has announced the 22nd International CloudEXPO | DXWorldEXPO "Early Bird Registration" is now open. Register for Full Conference "Gold Pass" ▸ Here (Expo Hall ▸ Here)
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...
The Jevons Paradox suggests that when technological advances increase efficiency of a resource, it results in an overall increase in consumption. Writing on the increased use of coal as a result of technological improvements, 19th-century economist William Stanley Jevons found that these improvements led to the development of new ways to utilize coal. In his session at 19th Cloud Expo, Mark Thiele, Chief Strategy Officer for Apcera, compared the Jevons Paradox to modern-day enterprise IT, examin...
DXWorldEXPO LLC announced today that ICC-USA, a computer systems integrator and server manufacturing company focused on developing products and product appliances, will exhibit at the 22nd International CloudEXPO | DXWorldEXPO. DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City. ICC is a computer systems integrator and server manufacturing company focused on developing products and product appliances to meet a wide range of ...
Headquartered in Plainsboro, NJ, Synametrics Technologies has provided IT professionals and computer systems developers since 1997. Based on the success of their initial product offerings (WinSQL and DeltaCopy), the company continues to create and hone innovative products that help its customers get more from their computer applications, databases and infrastructure. To date, over one million users around the world have chosen Synametrics solutions to help power their accelerated business or per...
Bill Schmarzo, author of "Big Data: Understanding How Data Powers Big Business" and "Big Data MBA: Driving Business Strategies with Data Science," is responsible for setting the strategy and defining the Big Data service offerings and capabilities for EMC Global Services Big Data Practice. As the CTO for the Big Data Practice, he is responsible for working with organizations to help them identify where and how to start their big data journeys. He's written several white papers, is an avid blogge...
We are seeing a major migration of enterprises applications to the cloud. As cloud and business use of real time applications accelerate, legacy networks are no longer able to architecturally support cloud adoption and deliver the performance and security required by highly distributed enterprises. These outdated solutions have become more costly and complicated to implement, install, manage, and maintain.SD-WAN offers unlimited capabilities for accessing the benefits of the cloud and Internet. ...
Charles Araujo is an industry analyst, internationally recognized authority on the Digital Enterprise and author of The Quantum Age of IT: Why Everything You Know About IT is About to Change. As Principal Analyst with Intellyx, he writes, speaks and advises organizations on how to navigate through this time of disruption. He is also the founder of The Institute for Digital Transformation and a sought after keynote speaker. He has been a regular contributor to both InformationWeek and CIO Insight...
Join IBM November 1 at 21st Cloud Expo at the Santa Clara Convention Center in Santa Clara, CA, and learn how IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Cognitive analysis impacts today’s systems with unparalleled ability that were previously available only to manned, back-end operations. Thanks to cloud processing, IBM Watson can bring cognitive services and AI to intelligent, unmanned systems. Imagine a robot vacuum that becomes your personal assistant tha...
"MobiDev is a software development company and we do complex, custom software development for everybody from entrepreneurs to large enterprises," explained Alan Winters, U.S. Head of Business Development at MobiDev, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
I think DevOps is now a rambunctious teenager - it's starting to get a mind of its own, wanting to get its own things but it still needs some adult supervision," explained Thomas Hooker, VP of marketing at CollabNet, in this SYS-CON.tv interview at DevOps Summit at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Recently, WebRTC has a lot of eyes from market. The use cases of WebRTC are expanding - video chat, online education, online health care etc. Not only for human-to-human communication, but also IoT use cases such as machine to human use cases can be seen recently. One of the typical use-case is remote camera monitoring. With WebRTC, people can have interoperability and flexibility for deploying monitoring service. However, the benefit of WebRTC for IoT is not only its convenience and interopera...
Cloud-enabled transformation has evolved from cost saving measure to business innovation strategy -- one that combines the cloud with cognitive capabilities to drive market disruption. Learn how you can achieve the insight and agility you need to gain a competitive advantage. Industry-acclaimed CTO and cloud expert, Shankar Kalyana presents. Only the most exceptional IBMers are appointed with the rare distinction of IBM Fellow, the highest technical honor in the company. Shankar has also receive...
It is of utmost importance for the future success of WebRTC to ensure that interoperability is operational between web browsers and any WebRTC-compliant client. To be guaranteed as operational and effective, interoperability must be tested extensively by establishing WebRTC data and media connections between different web browsers running on different devices and operating systems. In his session at WebRTC Summit at @ThingsExpo, Dr. Alex Gouaillard, CEO and Founder of CoSMo Software, presented ...
WebRTC is great technology to build your own communication tools. It will be even more exciting experience it with advanced devices, such as a 360 Camera, 360 microphone, and a depth sensor camera. In his session at @ThingsExpo, Masashi Ganeko, a manager at INFOCOM Corporation, introduced two experimental projects from his team and what they learned from them. "Shotoku Tamago" uses the robot audition software HARK to track speakers in 360 video of a remote party. "Virtual Teleport" uses a multip...
Business professionals no longer wonder if they'll migrate to the cloud; it's now a matter of when. The cloud environment has proved to be a major force in transitioning to an agile business model that enables quick decisions and fast implementation that solidify customer relationships. And when the cloud is combined with the power of cognitive computing, it drives innovation and transformation that achieves astounding competitive advantage.