I recently read the book “Advance Persistent Threat: Understanding the Danger and How to Protect your Organization”. The following paragraph in the introductory Chapter really stood out for me:
A product solves a problem, but a solution implemented correctly reduces risk. Now products are absolutely a key part of implementing an effective solutions, but it needs to be wrapped with configuration, monitoring and validation to make sure that the risk it was meant to address is being lowers to the appropriate level. For example installing AV [anti-virus] software on everyone’s systems is a product. Configuring it to look for the correct malware, updating it and performing event correlation to understand the threats and react to any attempted attacks in a timely manner is a solution.
It is for exactly this reason Nexor have developed the CyberShield Secure® methodology. We develop high assurance products that become part of a customers security infrastructure – but these products are ineffective if they are not deployed into a sensible architecture, configured appropriately and maintained. CyberShield Secure is the structured way we work with our customers and delivery channels to ensure our solutions meet their security expectations.
Beyond this quote, the book is excellent reading and recommended to anyone faced with the problem of protecting an organisations from APTs.
Cole, Eric. Advance Persistent Threat: Understanding the Danger and How to Protect your Organization, Syngress, ISBN: 9781597499491