A Study on the Impacts of Advanced Persistent Threat (APT) on Corporate Information Security Policy

• Main Authors: Hsiang Chi, 季祥
• Other Authors: Chien-Liang Kuo
• Format: Others
• Language: zh-TW
• Published: 2014
• Online Access: http://ndltd.ncl.edu.tw/handle/10868642773761817807

碩士 === 中國文化大學 === 資訊管理學系碩士在職專班 === 102 === Prevention from hackers is an important issue for government and corporate in Internet era. It is particularly truly when information security (InfoSec) paradigm has shifted into the Advanced Persistent Threat (APT) Mode of targeted attack, which then makes traditional security methods insufficient in dealing with the complexity of these new threats. How to refine and design suitable policies or principles for government and corporate information systems, therefore, become vital but unanswered challenges. To help governments and enterprises react to the challenges mentioned above, this research propose a five-dimensional InfoSec strategy framework covering 29 items through literature review. Furthermore, to validate the propose framework and to identify the key issues, 32 InfoSec experts are invited to participate the three-round survey through Delphi method. Our results show that the topics and issues covered are almost the same for the case of APT and that of traditional threats; however, the focal issues worth paying attention to and the suggested way in rethinking of the whole InfoSec strategy are obviously different, from the very nature. In particular, this research finds that the most important five items in APT scenarios are: information exchange (Email), network access control (network segmentation), malicious codes and mobile codes prevention (endpoint security), drills and review of social engineering prevention, and network security management (firewall and intrusion detection). It is suggested that corporate should examine the current InfoSec policies and re-evaluate the risk with technical standards.