Targeted Attacks: Raising Risk Urgency

Trend Micro's Tom Kellermann on Responding to Evolving Attacks, Strategies
Targeted Attacks: Raising Risk Urgency

Detecting and preventing advanced attacks isn't just a technology issue - it's a business risk that needs to be elevated to the highest levels of an organization. Trend Micro's Tom Kellermann shares strategies.

See Also: Hunt Cloud Threats or Be Hunted | CISO Guide to Cloud Compromise Assessments

Attackers vary - they could be organized criminals, hacktivists or nation states. But one point they have in common: They understand the virtual supply chain, and they will target an organization's weakest link.

"They are conducting what's called 'island-hopping attacks' to leverage weaker elements of your supply chain, whether it's your outside general counsel or the PR/marketing firm that you depend upon," says Kellermann, Trend Micro's chief cybersecurity officer. "They understand your environment, they understand who your partners are," and they are exploiting any entry point to obtain the access and data they desire.

And one only needs to look at the recent news headlines to realize the potential business impact of such exploits.

"The Target breach really illustrated the unexpected and unintended consequences," Kellermann says, "which can include strategic impacts from costs to risks to professional impacts on the careers of the executives."

In an interview about evolving attacks and strategies, Kellermann discusses:

  • Why targeted attacks are a strategic business problem;
  • Biggest misperceptions about handling targeted attacks;
  • Trend Micro's breach prevention capabilities.

Kellermann is a trusted advisor for Cybersecurity. He is responsible for analysis of emerging cybersecurity threats and relevant defensive technologies. He served on The Commission on Cyber Security for the 44th Presidency and serves as an advisor to the International Cyber Security Protection Alliance (ICSPA), and the National Board of Information Security Examiners Panel for Penetration Testing. He is a Professor at American University's School of International Service.

About the Author

Information Security Media Group

Information Security Media Group (ISMG) is the world's largest media company devoted to information security and risk management. Each of its 37 media sites provides relevant education, research and news that is specifically tailored to key vertical sectors including banking, healthcare and the public sector; geographies from North America to Southeast Asia; and topics such as data breach prevention, cyber risk assessment and fraud. Its yearly global summit series connects senior security professionals with industry thought leaders to find actionable solutions for pressing cybersecurity challenges.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.