Welcome!

Agile Computing Authors: Elizabeth White, Tim Hinds, Liz McMillan, Pat Romanski, Jeev Trika

News Feed Item

Pesquisa de segurança cibernética da ISACA revela que uma em cada cinco empresas já experimentou um ataque de APT

Pesquisa global sobre segurança cibernética com mais de 1.500 profissionais de segurança fevelou que um em cada cinco profissionais disse que sua empresa já tinha experimentado um ataque de ameaça persistente avançada (APT). De acordo com o estudo realizado pela associação global de TI da ISACA, 94% dizem que APTs representam uma ameaça real para a segurança nacional e a estabilidade econômica, mas a maioria das empresas está empregando tecnologias ineficazes para se protegerem.

Os APTs, uma tática de espionagem com objetivo de roubar propriedade intelectual, foram motivo de manchetes na imprensa nos últimos anos por violação das maiores redes empresariais e governamentais de todo o mundo. Mais de 60% dos entrevistados dizem que é apenas uma questão de tempo até que sua empresa se torne alvo.

Conscientização da ISACA sobre ameaça avançada persistente: Os resultados do estudo mostram que 96% dos entrevistados dizem que estão de alguma forma familiarizados com os APTs. Embora isto seja positivo, 53% dizem que não acreditam que os APTs sejam diferentes das ameaças tradicionais—indicando que muitos não as entendem completamente.

"Os APTs são sofisticados, furtivos e implacáveis", disse Christos Dimitriadis, Ph.D., CISA, CISM, CRISC, vice-presidente internacional da ISACA e chefe de segurança da informação do GRUPO INTRALOT. "As ameaças cibernéticas tradicionais muitas vezes movem-se para o próximo alvo quando não conseguem infiltrar-se no seu alvo inicial, mas um APT continuará tentando infiltrar-se no alvo desejado até que ele cumpra o seu objetivo—e quando isso acontece, ele pode se disfarçar e se transformar, quando necessário, o que o torna difícil de identificar ou parar."

Mais de 60% dos entrevistados dizem que estão prontos para responder a ataques APT. No entanto, antivírus e antimalware (95%) e tecnologias de perímetro de rede, como os firewalls (93%) estão no topo da lista de controles que suas empresas usam para parar APTs—uma declaração preocupante, levando em conta que APTs são conhecidos por evitar serem capturados por esses tipos de controles. O estudo mostra que os controles de segurança de dispositivos móveis, que são mais eficazes, são usados ​​com muito menos frequência.

"Os APTs precisam de muitas abordagens defensivas, do treinamento de conscientização que altera contratos de terceiros para garantir que os fornecedores estejam bem protegidos, até a implementação de controles técnicos", disse Jo Stewart-Rattray, CISA, CISM, CGEIT, CRISC, FACS CP, diretor da ISACA e diretor de segurança da informação e garantia de TI da BRM Holdich.

O estudo também constatou que:

  • 90% dos entrevistados acreditam que o uso de sites de redes sociais aumenta a probabilidade de sucesso de um APT.
  • 87% acreditam que "traga seu próprio dispositivo" (BYOD), combinado com acesso superusuário [rooting] ou desbloqueio iOS [jailbreak] do aparelho, faz um ataque bem sucedido de APT ser mais provável.
  • Mais de 80% dizem que suas empresas não atualizaram seus contratos de fornecedores para se protegerem contra APTs.

"Estamos apenas em fevereiro e já podemos declarar 2013 como o ano do hack", disse Tom Kellermann, CISM, conselheiro de confiança do governo dos EUA e vice-presidente de segurança cibernética da Trend Micro. "A pesquisa da ISACA revela que as empresas estão sob ataque e nem mesmo sabem disso. É necessário trazer essa consciência ao currículo de instrução dos profissionais de segurança para que possam construir a defesa customizada que precisam para combater esses ataques direcionados ".

O estudo da ISACA, patrocinado pela Trend Micro, está disponível para download gratuito em www.isaca.org/cybersecurity.

Sobre a ISACA

Com 100.000 membros em todo o mundo, a ISACA(www.isaca.org) ajuda as empresas a manter a confiança e o valor de suas informações e sistemas. Fundada em 1969, a ISACA avança e atesta as habilidades de TI e o conhecimento através das certificações CISA, CISM, CGEIT e CRISC. A ISACA desenvolveu a estrutura COBIT, que ajuda as empresas a administrar e controlar a suas informações e tecnologias.

Siga a ISACA no Twitter: https://twitter.com/ISACANews

O texto no idioma original deste anúncio é a versão oficial autorizada. As traduções são fornecidas apenas como uma facilidade e devem se referir ao texto no idioma original, que é a única versão do texto que tem efeito legal.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

@ThingsExpo Stories
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, wh...
SYS-CON Events announced today that ContentMX, the marketing technology and services company with a singular mission to increase engagement and drive more conversations for enterprise, channel and SMB technology marketers, has been named “Sponsor & Exhibitor Lounge Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York City, New York. “CloudExpo is a great opportunity to start a conversation with new prospects, but what happens after the...
The essence of data analysis involves setting up data pipelines that consist of several operations that are chained together – starting from data collection, data quality checks, data integration, data analysis and data visualization (including the setting up of interaction paths in that visualization). In our opinion, the challenges stem from the technology diversity at each stage of the data pipeline as well as the lack of process around the analysis.
The IoT is changing the way enterprises conduct business. In his session at @ThingsExpo, Eric Hoffman, Vice President at EastBanc Technologies, discuss how businesses can gain an edge over competitors by empowering consumers to take control through IoT. We'll cite examples such as a Washington, D.C.-based sports club that leveraged IoT and the cloud to develop a comprehensive booking system. He'll also highlight how IoT can revitalize and restore outdated business models, making them profitable...
The 19th International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Containers, Microservices and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding business opportunity. Submit y...
SYS-CON Events announced today that MangoApps will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. MangoApps provides modern company intranets and team collaboration software, allowing workers to stay connected and productive from anywhere in the world and from any device. For more information, please visit https://www.mangoapps.com/.
Internet of @ThingsExpo, taking place November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with the 19th International Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry players in the world and ThingsExpo New York Call for Papers is now open.
Designing IoT applications is complex, but deploying them in a scalable fashion is even more complex. A scalable, API first IaaS cloud is a good start, but in order to understand the various components specific to deploying IoT applications, one needs to understand the architecture of these applications and figure out how to scale these components independently. In his session at @ThingsExpo, Nara Rajagopalan is CEO of Accelerite, will discuss the fundamental architecture of IoT applications, ...
In his session at 18th Cloud Expo, Bruce Swann, Senior Product Marketing Manager at Adobe, will discuss how the Adobe Marketing Cloud can help marketers embrace opportunities for personalized, relevant and real-time customer engagement across offline (direct mail, point of sale, call center) and digital (email, website, SMS, mobile apps, social networks, connected objects). Bruce Swann has more than 15 years of experience working with digital marketing disciplines like web analytics, social med...
SYS-CON Events announced today that Enzu, a leading provider of cloud hosting solutions, will exhibit at SYS-CON's 18th International Cloud Expo®, which will take place on June 7-9, 2016, at the Javits Center in New York City, NY. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to foc...
Customer experience has become a competitive differentiator for companies, and it’s imperative that brands seamlessly connect the customer journey across all platforms. With the continued explosion of IoT, join us for a look at how to build a winning digital foundation in the connected era – today and in the future. In his session at @ThingsExpo, Chris Nguyen, Group Product Marketing Manager at Adobe, will discuss how to successfully leverage mobile, rapidly deploy content, capture real-time d...
IoT generates lots of temporal data. But how do you unlock its value? How do you coordinate the diverse moving parts that must come together when developing your IoT product? What are the key challenges addressed by Data as a Service? How does cloud computing underlie and connect the notions of Digital and DevOps What is the impact of the API economy? What is the business imperative for Cognitive Computing? Get all these questions and hundreds more like them answered at the 18th Cloud Expo...
As cloud and storage projections continue to rise, the number of organizations moving to the cloud is escalating and it is clear cloud storage is here to stay. However, is it secure? Data is the lifeblood for government entities, countries, cloud service providers and enterprises alike and losing or exposing that data can have disastrous results. There are new concepts for data storage on the horizon that will deliver secure solutions for storing and moving sensitive data around the world. ...
What a difference a year makes. Organizations aren’t just talking about IoT possibilities, it is now baked into their core business strategy. With IoT, billions of devices generating data from different companies on different networks around the globe need to interact. From efficiency to better customer insights to completely new business models, IoT will turn traditional business models upside down. In the new customer-centric age, the key to success is delivering critical services and apps wit...
SYS-CON Events announced today that 24Notion has been named “Bronze Sponsor” of SYS-CON's 18th Cloud Expo, which will take place on June 7-9, 2016, at the Javits Center in New York, New York. 24Notion is full-service global creative digital marketing, technology and lifestyle agency that combines strategic ideas with customized tactical execution. With a broad understand of the art of traditional marketing, new media, communications and social influence, 24Notion uniquely understands how to con...
WebRTC is bringing significant change to the communications landscape that will bridge the worlds of web and telephony, making the Internet the new standard for communications. Cloud9 took the road less traveled and used WebRTC to create a downloadable enterprise-grade communications platform that is changing the communication dynamic in the financial sector. In his session at @ThingsExpo, Leo Papadopoulos, CTO of Cloud9, will discuss the importance of WebRTC and how it enables companies to fo...
SYS-CON Events announced today TechTarget has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY, and the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. TechTarget is the Web’s leading destination for serious technology buyers researching and making enterprise technology decisions. Its extensive global networ...
Korean Broadcasting System (KBS) will feature the upcoming 18th Cloud Expo | @ThingsExpo in a New York news documentary about the "New IT for the Future." The documentary will cover how big companies are transmitting or adopting the new IT for the future and will be filmed on the expo floor between June 7-June 9, 2016, at the Javits Center in New York City, New York. KBS has long been a leader in the development of the broadcasting culture of Korea. As the key public service broadcaster of Korea...
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York and Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty ...
There are several IoTs: the Industrial Internet, Consumer Wearables, Wearables and Healthcare, Supply Chains, and the movement toward Smart Grids, Cities, Regions, and Nations. There are competing communications standards every step of the way, a bewildering array of sensors and devices, and an entire world of competing data analytics platforms. To some this appears to be chaos. In this power panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists will discuss the vast to...