A rather interesting article. What I like is the description it provides of the attackers potential landscape in today’s global, verbose connected world. It does give some recommendations which I’ve summarised below:
1. Focus your efforts on those assets that could ‘ruin’ your company following a successful attack. This way the real attacks are not lost in the noise of monitoring of all systems.
2. Make your information/communication assets dynamic. Each asset should report to a real-time inventory system. Make it graphically intuitive, so ‘alien’ systems are quick to alert.
3. Obviously to be proactive rather than reactive. Although I would say that this is more with having an InfoSec program that is trained in forensics and understands the law when it comes to ‘nailing’ down attacked coming from the ‘inside’.