Training

Incident & Breach Response , Security Operations

Moving from Indicators of Compromise to Indicators of Attackers: But Will Attacker Attribution Really Help Us?

Moving from Indicators of Compromise to Indicators of Attackers: But Will Attacker Attribution Really Help Us?

How does attacker attribution help a CISO and an enterprise? The answer: More than most might think. Most organizations don't care who the attacker is. They just want to stave off attacks. But could they do more?

See Also: 2020 Gartner Market Guide for Network Detection and Response

By using indicators of compromise, for instance, organizations can strengthen their defenses. IOCs are basically just signatures of cyber-weapons used during attacks. They are not indicators of who the attackers are. But by creating 'indicators of attacker compromise' (IOAC), the attack attributes of one cyber-gang linked to multiple types of attacks quickly become very useful. If one attack group is linked to banking Trojans and cyberespionage against employee email accounts, for instance, then identifying the methods used can benefit organizations that are targeted by that same group in the future. So instead of just relying on multiple, somewhat-redundant IOCs across attack target types, organizations also can benefit from a single IOAC, which should be predictive of future unseen attacks. In this discussion about attribution and the role IOCs and IOACs play, moderator Garter Vice President and Distinguished Analyst Avivah Litan will question our panel of experts about the future of attribution, and why it is becoming more critical for organizations across numerous sectors.

Additional Summit Insight:
Hear from more industry influencers, earn CPE credits, and network with leaders of technology at our global events. Learn more at our Fraud & Breach Prevention Events site.

Slide Previews

Webinar Registration

Premium Members Only

OnDemand access to this webinar is restricted to Premium Members.

Join Now to Access
Have an account? Sign in.


Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing ffiec.bankinfosecurity.com, you agree to our use of cookies.