A persistent state of compromise

A persistent state of compromise

… individual attackers can purchase advanced malware development kits that are capable of creating attack tools with a level of sophistication that just 2 years ago would have required the resources of a nation-state. The resulting malware is uniquely focused on a single attack vector, so no existing signature- or rule-based tool can detect it, and the developers can even pay to have it tested against a wide range of commercial security tools to verify its stealthiness. When combined with today’s mind-numbingly complex infrastructures that incorporate not only thousands of virtual machines, users, applications and data containers but also cloud applications, social networking and mobile devices (aka ‘the third platform’) it’s virtually impossible for any security organization to provide a high level of confidence that they can keep the bad guys out of the environment.

The new phrase that’s being thrown around that encapsulates this idea is ‘persistent state of compromise’, which illustrates the point that many security professionals are only now coming to realize – you can no longer afford to focus solely on keeping the bad guys out.

RSA Blog

Plainsboro Township, New Jersey, United States of America