In recent years, we have witnessed a radical change in the methods, timing and tactics with which companies, industries and entities are subject to cyber attacks.
There are several reasons:
- More complex ICT Infrastructures
- More and more people operate outside the company’s premises
- The cost of obtaining resources necessary to launch a cyber attack, even complex, are lower
- Use of social engineering as an instrument for the preparation of an attack
- Increase in attacks aimed at a specific objective (Targeted Attack)
- Attacks through a company’s stakeholders
- Attacks perpetrated over long timeframes (Advanced Persistent Threat)
Often these critical situations are addressed with specific technological solutions, which offer exclusively tactical responses to the problems. Nevertheless, to effectively neutralize all these threats, it is necessary to equip oneself with evolving strategies that cover all the phases of the cycle of the most common Cyber Security frameworks: “PREVENT – DETECT – RESPOND”, and with solutions that can be integrated, creating synergy amongst them.