Advanced Persistent Threat Solutions

Advanced Persistent Threats are highly sophisticated and customised attacks that are designed to get around the traditional network perimeter and endpoint security measures used by organisations. They are challenging to detect and protect against in the following ways.

• Bypass Signature-based Systems: Traditional antivirus solutions are ineffective at detecting and blocking APTs, since they rely on signatures that use pattern matching techniques. Whereas APTs are polymorphic in nature that frequently change identifiable characteristics like file names, file size and encryption to make the malware unrecognisable.
• Generate Unusual User Activity: APTs generate unusual user activity, such as increase in-logins late at night using compromised credentials, or large amount of data flows from internal systems to external command and control servers operated by cyber criminals to steal data. Very few security solutions track user behaviour anomalies that lead to data breaches.
• New Threat Vectors from Cloud Adoption: Increased adoption of hybrid cloud infrastructures introduce a host of threat vectors, where an organisation's current security controls do not integrate. This introduces security blind spots such as Shadow IT, where unauthorised software-as-a-service (SaaS) applications are used by lines of businesses that puts sensitive corporate data at risk.

Organisations have realised that investing in a comprehensive data security is the last line of defense against APTs. With robust data security solution, which includes data discovery and protection, fine-grained access control and centralised key management solution any organisation can encrypt/tokenise sensitive data such as – personal identifiable information (PII), personal health information (PHI) and financial data (credit card numbers, account numbers). Hence, that data is rendered unreadable and has no value to the cyber attacker.

The CipherTrust Data Security Platform from Thales unifies data discovery, classification, data protection, unprecedented granular access controls with centralised key management – all on a single platform.

• Discover and classify data: Discovering and classifying your sensitive data is the critical first step in this process. Knowing where your business sensitive resides across the enterprise and what type of risk it poses with regards to data privacy and compliance is an important first step
• Protect sensitive data: Implementing the right king of access controls and encryption or tokenisation policies to obfuscate the data prevents sensitive data from being exposed to unauthorised users or advanced cyber criminals.
• Control encryption keys: Any robust cryptographic solution depends on the security of the cryptographic keys used to encrypt the data. As organisations deploy ever-increasing numbers of siloed data repositories encryption solutions, they need to be able to manage security policies across disparate data siloes, with centralised key life-cycle management and fine-grained access control to keys and data.

The CipherTrust Data Security Platform offers the following benefits to organisations in defending against APTs.

• Simplify Data Security: Discover, protect and control sensitive data anywhere with next-generation unified data protection. The CipherTrust Data Security Platform simplifies data security administration with ‘single pane of glass’ centralised management console that equips organisations with powerful tools to discover and classify sensitive data, combat advanced persistent threats, guard against insider abuse and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. Organisations can easily uncover and close privacy gaps, prioritise protection and make informed decisions about privacy and security mandates before a digital transformation implementation.

• Accelerated Time to Compliance: Regulators and auditors require organisations to have control of regulated and sensitive data and reports to prove it. CipherTrust Data Security Platform capabilities, such as data discovery and classification, encryption, access control, audit logs, tokenisation and key management support ubiquitous data security and privacy requirements. These controls can be quickly added to new deployments or in response to evolving compliance requirements. The centralised and extensible nature of the platform enables new controls to be added quickly through the addition of licences and scripted deployment of the needed connectors in response to new data protection requirements.

• Secure Cloud Migration: It offers advanced encryption and centralised key management solutions that enable organisations to safely store sensitive data in the cloud. The platform offers advanced multi-cloud Bring Your Own Encryption (BYOE) solutions to avoid cloud vendor encryption lock-in and ensure the data mobility to efficiently secure data across multiple cloud vendors with centralised, independent encryption key management. Organisations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager. The CipherTrust Cloud Key Manager supports Bring Your Own Key (BYOK) use-cases across multiple cloud infrastructures and SaaS applications.