Targeted Attacks: Raising Risk UrgencyTrend Micro's Tom Kellermann on Responding to Evolving Attacks, Strategies
Detecting and preventing advanced attacks isn't just a technology issue - it's a business risk that needs to be elevated to the highest levels of an organization. Trend Micro's Tom Kellermann shares strategies.
Attackers vary - they could be organized criminals, hacktivists or nation states. But one point they have in common: They understand the virtual supply chain, and they will target an organization's weakest link.
"They are conducting what's called 'island-hopping attacks' to leverage weaker elements of your supply chain, whether it's your outside general counsel or the PR/marketing firm that you depend upon," says Kellermann, Trend Micro's chief cybersecurity officer. "They understand your environment, they understand who your partners are," and they are exploiting any entry point to obtain the access and data they desire.
And one only needs to look at the recent news headlines to realize the potential business impact of such exploits.
"The Target breach really illustrated the unexpected and unintended consequences," Kellermann says, "which can include strategic impacts from costs to risks to professional impacts on the careers of the executives."
In an interview about evolving attacks and strategies, Kellermann discusses:
- Why targeted attacks are a strategic business problem;
- Biggest misperceptions about handling targeted attacks;
- Trend Micro's breach prevention capabilities.
Kellermann is a trusted advisor for Cybersecurity. He is responsible for analysis of emerging cybersecurity threats and relevant defensive technologies. He served on The Commission on Cyber Security for the 44th Presidency and serves as an advisor to the International Cyber Security Protection Alliance (ICSPA), and the National Board of Information Security Examiners Panel for Penetration Testing. He is a Professor at American University's School of International Service.