An Advanced Persistent Threat (APT) is a sophisticated cyber-attack typically launched by nation states or advanced cyber criminals, who gain unauthorised access to computer systems/networks and remain undetected for an extended period of time. Such attacks are not conceived on the spur-of-the-moment. Rather, they are deliberately planned over prolonged time periods with specific targets in mind.
Data breaches continue to occur, in spite of all the perimeter and endpoint security defenses organisations have deployed to detect and block sophisticated APTs. These counter measures have not been enough to stop sophisticated cyber criminals from stealing sensitive data. Companies have realised that protecting sensitive data through access controls, encryption and tokenisation is the last line of defence for preventing data exposure and reducing overall business risks.
The CipherTrust Data Security Platform from Thales can enable organisations from protecting business critical and sensitive data from APTs. The CipherTrust Platform enables organisations to discover, protect and control an organisation’s sensitive data with next generation unified data protection. It removes data security complexity, accelerates time to compliance and secures cloud migration, which results in less resources dedicated to data security operations, ubiquitous compliance controls and significantly reduced risk across your business.
Advanced Persistent Threats are highly sophisticated and customised attacks that are designed to get around the traditional network perimeter and endpoint security measures used by organisations. They are challenging to detect and protect against in the following ways.
Organisations have realised that investing in a comprehensive data security is the last line of defense against APTs. With robust data security solution, which includes data discovery and protection, fine-grained access control and centralised key management solution any organisation can encrypt/tokenise sensitive data such as – personal identifiable information (PII), personal health information (PHI) and financial data (credit card numbers, account numbers). Hence, that data is rendered unreadable and has no value to the cyber attacker.
The CipherTrust Data Security Platform from Thales unifies data discovery, classification, data protection, unprecedented granular access controls with centralised key management – all on a single platform.
The CipherTrust Data Security Platform offers the following benefits to organisations in defending against APTs.
• Simplify Data Security: Discover, protect and control sensitive data anywhere with next-generation unified data protection. The CipherTrust Data Security Platform simplifies data security administration with ‘single pane of glass’ centralised management console that equips organisations with powerful tools to discover and classify sensitive data, combat advanced persistent threats, guard against insider abuse and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. Organisations can easily uncover and close privacy gaps, prioritise protection and make informed decisions about privacy and security mandates before a digital transformation implementation.
• Accelerated Time to Compliance: Regulators and auditors require organisations to have control of regulated and sensitive data and reports to prove it. CipherTrust Data Security Platform capabilities, such as data discovery and classification, encryption, access control, audit logs, tokenisation and key management support ubiquitous data security and privacy requirements. These controls can be quickly added to new deployments or in response to evolving compliance requirements. The centralised and extensible nature of the platform enables new controls to be added quickly through the addition of licences and scripted deployment of the needed connectors in response to new data protection requirements.
• Secure Cloud Migration: It offers advanced encryption and centralised key management solutions that enable organisations to safely store sensitive data in the cloud. The platform offers advanced multi-cloud Bring Your Own Encryption (BYOE) solutions to avoid cloud vendor encryption lock-in and ensure the data mobility to efficiently secure data across multiple cloud vendors with centralised, independent encryption key management. Organisations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager. The CipherTrust Cloud Key Manager supports Bring Your Own Key (BYOK) use-cases across multiple cloud infrastructures and SaaS applications.