7 stages of advanced threats - fujitsu · security leaders to deploy appropriate controls, says...
TRANSCRIPT
7 Stages of Advanced Threats© 2013 Information Security Media Group
Jason Clark, James Robinson of Websense on Key Characteristics
7 Stages of Advanced Threats
7 Stages of Advanced Threats© 2013 Information Security Media Group
What are the seven stages of advanced threats, and what can organizations
do to improve how they defend against them? Jason Clark and James Robinson of Websense share new insights and strategies.
How does one distinguish advanced threats from traditional? One key difference, says Robinson, security architect and strategy officer at Websense, is that classic threats target systems. Advanced threats are after intellectual property.
“The advanced threats are also getting much more complex,” he says. “They’re using many steps to actually become successful,” including social engineering and software exploits targeting the end-users.
The seven stages of advanced threats account for how threat actors are breaching organizations, as well as the methods they are using to steal data. This information helps security leaders to deploy appropriate controls, says Clark, chief security and strategy officer.
“We look at it as an architecture framework,” Clark says. “Now that we’ve broken down how they’re going to get in, how they’re going to get the data out and try to evade our security, [then] what’s the perfect architecture [to prevent] that?”
Read on to learn from Clark and Robinson:
• Distinguishingcharacteristicsofadvancedthreats;• Originofthesevenstages;• Newsecuritysolutions.
Robinson is the security architect and strategy officer at Websense. His key responsibilities are internal security strategy and innovation. He brings more than a decade of both IT and product engineering security leadership to Websense. He has previously held leadership positions with Fortune 150 and Fortune 100 companies including: Emerson Electric, Anheuser-Busch and State Farm Insurance.
Clark is chief security and strategy officer for Websense, Inc. In this role, Clark and his team are responsible for corporate strategy, information security, marquee account relationships, and providing strategic services to CIOs and CISOs worldwide. As a former CISO and vice president of infrastructure for Fortune 100 and 500 companies, Clark uses his business and security expertise to advise CXO executives on successful strategies to improve their IT infrastructure.
7 Stages of Advanced Threats© 2013 Information Security Media Group
Advanced Threats vs. Tradi-tional Threats
TOM FIELD:James,whatdistinguishes
advancedthreatsfromtraditionalthreatsthat
organizationshavefaced?
ROBINSON:Thereareacoupleofdifferent
thingsthatreallychangethegamewith
advancedthreatscomparedtotraditional,
andthere’snotreallyasetdefinitionofwhat’s
atraditionalthreatandwhat’sanadvanced
threat,butthegameisdefinitelychanging,
andwe’reseeingthischangeoverthelast
coupleofyears.Traditionalthreatstypically
aregoingaftersystems,andwedidn’tseealot
oftraditionalthreats.Thiswouldbemorelike
thewormsthatwouldpropagate,goingafter
thedatainsideofyoursystems.
Theadvancedthreatsthatwe’reseeingtoday
arereallystartingtotargettheinformation
andtheintellectualpropertythatyouhave
insideofyourorganization.Theadvanced
threatsarealsogettingmuchmorecomplex.
They’reusingmanystepstoactuallybecome
successful,andthey’reusingthesestepsfrom
traditionalthreatsthatwe’veseen.Things
likesocialengineering,whichwasathreat
allorganizationshaveknownforalongtime,
dealtwithandhadvaryingdegreesofsuccess
withthat-that’sanaspectoftheadvanced
threat.
Anotherthingisexploitingsoftware
vulnerabilities,whichissomethingthatwe’ve
knownaboutforalongtimeasanindustry,
butnowit’sactuallybeingincludedinto
advancedthreats,thedifferentstagesand
beingexecutedagainstourend-users.That’s
oneofthedifferentchangesaswell.Inmy
historyofdoingpenetrationtests,I’dalways
beaskedtogoandfocusonawebserverand
focusonmaybewherethedatagoesafterthat,
butnotfocusontheend-users.Thatapproach
rightthere,thatmindsetofjustfocusingon
oneaspectandnottheentireecosystem,is
exactlywhatwe’vesetourselvesupforand
whattheadvancedthreatistakingadvantage
of,wherethey’retargetingtheend-usersand
thengoingafterthedataandgettingaccess
tothisdatathattheywanttostealfromthe
organization.
Theotherthingtheadvancedthreatsare
alsostartingtodiveinto[are]blindspots.…
Traditionalsecurityapproachesthatweuse
tosecureourselves,they’realsousingthose
tostealthedataandtoex-filtrateinformation
fromourorganizations.
7 Stages of Advanced Threats
FIELD:Jason,let’stalkabouttheseven
stages.What’stheoriginofthisseven-stage
approach?
CLARK:Probablyaboutfiveyearsago,[we
startedto]breakdownhowthebadguys
arebreakingin,whatthestepsarethat
they’retakingeachstepofthewayasthey
trytogettheirhandsonourdata,andthen
understandingwhatthecontrolsare.The
sevenstagesisreallymoreofafactof,“thisis
exactlythestepsthatthey’realltaking,”and
wewantedtounderstandhowthey’regetting
aroundthecontrolsandwheredothose
existingcontrolswehavewithtechnology
slidein.Howarewebeingprotected?
Ithasn’tbeentalkedaboutasthesevenstages
inthepast.Usingasanexampleyourhome,
if[abadguy]isgoingtobreakin,he’sgoing
totrytoeithercomethroughthewindow;
he’sgoingtocomethroughthedoor.What’s
thenextstepyou’regoingtodotoinvade
whateversecurityyouhave?It’sjustthe
variousstagesofthat.
However,atthesametime,welookatitasan
architectureframework.Nowthatwehave
brokendownhowthey’regoingtogetin,
howthey’regoingtogetthedataoutandhow
they’regoingtotryandinvadeoursecurity,
what’stheperfectarchitectureforthat?
Becauseeverythingelsetodayisverysiloedin
onestage,oroneandahalfortwostages,but
nothingwilllookatallsevenstagesandshare
informationofwhat’sgoingonandreally
maintainthestateofthatbadguy,alltheway
downfrominfiltrationtoex-filtration.We
startedthenbuildingthattechnologyintoour
[solutions]asaframeworkofunderstanding
theneedtosharethatintelligence.Everything
wedo,thisistheframeworkthatweuse.
Atthesametime,welookedatandwegot
togetherwithabraintrustofthetop30CISOs
intheFortune500thatwe’refriendswithand
“That mindset of just focusing on one aspect and not the entire ecosystem is exactly what we’ve set ourselves up for and what the advanced threat is taking advantage of.” -James Robinson
7 Stages of Advanced Threats© 2013 Information Security Media Group
“It may not be that data theft is occurring while you’re on the corporate network, but when you’re off the corporate network, when you go home and you work at night.” -James Robinson
lookedatthisas,“Wecantakethistoanother
stageandwecanreallystartsayingthisisn’t
justabouttechnology.”Thisisaboutpeople
andprocessesaswell.Sincethisisthethreat
modelforhowthebadguygetsin,weshould
startdoingstrategyassessmentsandgrading
ourselvesonsuccessfulness.
It’sacollaborationofknowingthisishowit
works,howthebadguygetsinandgetsstuff
out.Thenwegotoourtechnologyasbeing
awareofthat,andatthesametimethenbuild
awholestrategyandframeworkaround
people,processandtechnology,andastrategy
assessmentaroundthesevenstages.
Breaking Down the Stages
FIELD:Let’stalkaboutsomeoftheseseven
stages,andJamesI’lltossthisquestionto
you.Let’sstartwithreconnaissanceand
lure.What’shappeninghereandhowisit
happening?
ROBINSON:Reconnaissanceandlureare
thefirsttwostagesoftheattack.There
aredifferentthingsthathappenhere.
Reconnaissanceisalotofinformation
gathering.That’sthesituationwherethe
attacker’sstartingtoputthemselvesina
positionwheretheywanttocompromisean
adversaryorsomeoneelse.Tom,ifIwanted
tocompromiseyou,whatIwoulddoisI’d
lookupyourname,I’dlookupwhereyoulive,
I’dlookupactivitiesandthingsthatyou’re
involvedinsoIcanthencraftalureoneway
oranother.Icouldsendyouane-mail.Icould
buildawebsitethatmaybeyou’dbeinterested
ingoingto,andI’dputtheseouttherewith
informationthat’srelevanttoyouwithdata
thatyouwanttoactuallyuse.
InThe New York Timesattack,itlaiditout
verywell;theydocumentedthingsandhad
allkindsofarticlesandpostsonit.There
wasthegentleman,David[Barboza].Hewas
actuallyputtinginformationoutthereand
thenwritinganarticleonChina.Bydoingso,
Chinafoundoutaboutthis.Whatdidthey
7 Stages of Advanced Threats© 2013 Information Security Media Group
wanttodo?Theywantedtofigureoutwhere
Davidwasgettinghisinformation:what
connectionsdidhehave;whate-mails;how
muchinformationdidhehave?Theytargeted
David,andtheyspear-phishedane-mailto
him,basicallyluringhimtoclickonthelink
insideofthate-mail.That’sreallywhat’s
goingonthere.They’relookingforatarget,
they’reidentifyingatarget,identifyingthe
informationandthencraftingamessageor
craftingawayforthatpersontogaintrustin
thatsiteorgaininterestinit-maybenoteven
trust,justenoughinterest-togetthemtobe
baitedandruntherestoftheirattackonthat
person’ssystems.
Understanding Exploits
FIELD:Let’stalkabouttheexploit.What’s
newhere?
CLARK:Theexploitissomethingthat’s
interesting.It’ssomethingthatwe’veknown
foralongtime-theexploitgeneration.
Thingsthatarechangingarenotjustthese
vulnerabilitiesthatarenowbeingtaken
advantageof,butthesheervolume.Before
itusedtobesomethingthatwewantedto
sharethesevulnerabilities,andwewantedto
sharethisvulnerabilityinformationwitheach
other.Weknewthatwecouldputdefenses
inplace.Butnow,insteadofjustfindinga
softwarebugthatthenleadsintoasecurity
vulnerability,insteadofjustfindingthoseand
sharingthemsowecanfixthem,peopleare
goingoutandsearchingforthemsotheycan
actuallyleveragethosesoftwarebugs,those
vulnerabilities,andactuallyexploitthem.
Thedifferencenowisreallythatofvolume.
It’sthatvolume,andnowit’sbeingdoneat
alevelwheretheywanttofindtheseissues.
Theywanttofindthesezero-daysbefore
anyoneelseknowsaboutthemsotheycan
remainstealthy,sotheycanexecutecodeon
yoursystem,ortheycangetyoursystemto
dothingslikepulldownothervariancesof
malwareordropafile.
Ourlabgrouplooksatmalware,exploitfiles
andallkindsofdifferentthingseachdayand
theydetonatetheseandwatchandseewhat
theirbehaviorsare.Theyfindover1,000
adaythatanti-virusdoesn’tpickup.Now
it’sthevolumethat’sstartingtokillusand
overwhelmourtraditionalapproachesand
defenses.
Theotherthingistheexploitsaregetting
muchmoresophisticated.Theexploitand
dropperfilesnowadaysarestartingtodo
thingslikemaybetheyonlyexecute,callhome
ordocertainthingsinthehours,timesor
environmentswhereit’ssafeforthemtodoso.
Theymaylookandsee,“AmIbeingexecuted
onaVMwarestackorsometypeofvirtual
stack?AmIoff-networkoron-network?Am
Iathome?AmIonahotspot?”Nowthey
knowthere’sagoodchancethattraditional
capabilitiesandthingsthatanorganization
woulddeploytoprotectthecompanyaren’t
there.
Data Theft
FIELD:James,let’stalkaboutdatatheft.How
doyoufindthatit’sevadingdetectiontoday?
ROBINSON:Themainonethatwe’reseeing
atthispointistheuseofSSL.Wedeployed
SSLtohelpsecureusandactuallybea
mechanismtohelpprotectend-usersand
helpourselvesasasecurityorganization,and
thosesamethingsarebeingusedagainstus.
It’sadouble-edgedswordwherewedon’t
havethevisibility.Nowexploits,callshome,
theex-filtrationofdata,that’sbeingdone
overencryptedchannels.Soifyoudon’thave
visibilityintothat,you’llneverseethatdata
leave.
Theotherthingistraditionalapproaches
of,“Let’sjusttakeanimage.”Ithinkalmost
allofushaveprobablybeenonaWebEx,a
GoToMeetingorsomethinglikethat,andwent
aheadanddidascreencaptureandcaptured
whatwasonourscreen,andnowwehavethat
foronereasonoranother.Thatsametypeof
mindsetandmentalitytotakeascreenshotof
it,senditoutanditwillneverbedetectedis
alsobeingused.
Asmentionedearlier,nowdatatheftis
happeningatcertaintimes.It’sintelligent
whereitmaynotbethatdatatheftis
occurringwhileyou’reonthecorporate
network,butdatatheftwouldoccurwhen
“It’s the volume that’s starting to kill us and overwhelm our traditional approaches and defenses.” -Jason Clark
7 Stages of Advanced Threats© 2013 Information Security Media Group
you’reoffthecorporatenetwork,whenyou
gohomeandyouworkatnight.Ifyoubring
upyoursystem,ifyourapproaches,your
people,processandtechnologydon’tprotect
youandletyouknow,“Hey,I’moffnetwork
andIneedtohaveadifferentmindset,”or,
“I’moffnetworkandIneedtohaveadifferent
control,”thenyou’llnevergetvisibilityinto
thatdatathat’sleaving.
CLARK:Asyoulookatthesevenstages,and
asJamesjusttalkedthroughsomeofthe
examples-thebeginning,themiddleandthe
endofthestages-themostimportantcontrols
todaymostpeopleareputtingmostofthem
ontheperimeter,whichisreallyprotecting
stagesone,twoandthree.Butthetruthis,you
getmuchmoreeffectivenessandreturnfor
yourmoneythecloseryouputyoursecurity
aroundwhatyou’reprotecting.Thebiggest
investmentsreallyshouldbeclosertothe
seventh,sixthandfifthstage,insteadofone,
twoandthree,whichistheoppositetoday.
I’mabigbelieverthatasthebadguystarts
tomovedownthestages,youactuallygain
somuchmorecontext.Inthebeginningyou
wouldjustsay,“That’sweird.It’sthefirst
timewe’veeverseenthisURL.Wedon’tsee
anythingbadyet.”Butatthetimesomeone
couldgettheirhandsonthedata,youcan
startsaying,“Waitaminute.Thisdatahas
nevertriedtoleaveviaSSLtosome.com
sittinginChina.”Or,“Iknowthisuserhas
neverevertouchedthistypeofdatabefore.”
Or,“Waitaminute.Thisuserisnowraw
encryptingthisdata.Rawencryptionisnot
astandardencryptiontechnology.Weuse
somethingelse.”Allofasuddenyou’vegotso
muchmorecontext-who,when,whereand
how-thatyoucanmakebetterdecisionsand,
unfortunately,aninvestmentortwoonthe
front-end-toomuchwhereyourpawnsare
inachessgameandnotenoughwherethe
kingis.
ROBINSON:I’dliketoaddonthat.Wewere
talkingtoapeerorganizationofoursand,
insideoftheircompany,theyfeelthatthey
can’tputanytypeofcontrolclosertothe
end-userortotheclient.Theyneedtouse
network-basedcontrolseverywhere,and
that’sexactlythemindset,exactlywhat’s
happening,that’susedagainstusassecurity
organizationsbecausetheattackersknowthat
interestingdevicesarenowcomingontothe
networkthatwehavenocontrolover.They
knowthatsystemsneedtobeonournetwork
toallowcertainorganizationstobecreative
ormaybedothingsthatwecan’tcontroland
wecan’thavevisibilityinto.Theyknowthat.
They’releveragingthatagainstus.
Human, Technical Resources
FIELD:James,whathumanandtechnical
resourcesdoorganizationsneedtosupport
defenseagainstthisseven-stageapproach?
ROBINSON:WhatI’lldoisI’llbreakthis
downintopeople,processandtechnology.I’m
atruebelieverinthatarchitecturalprinciple
orframeworkforguidingyourcontrols
andwhatyou’retryingtoachieve.Froma
technologyaspect,therehavebeensome
changeslately.Thetraditional“let’sprotect
ourfront-end,websense.com,”thatapproach
isstillathreatthatwehavetothinkabout.
Inthenewadvancedthreat,wherethey’re
targetingourend-users,tryingtogoafter
theintellectualpropertyanddatathatwe
haveinsideourorganization,thatchanges.
Thattraditionalapproachisn’tgoingtobe
aseffectiveinthatonethreat.Howdidthat
change?Nowweneedtoactuallylookat
wherethisuserisgoing.Weneedtolookat
DLP.Weneedtolookatthesetechnologies,
helpfeedintoprocessesanddiveintothe
processpiece.
Asanorganization,weneedtobeserious
aboutourincident-responsecapabilities.We
needtobeseriousabouthavinganeducational
awarenessprogramtolettheend-usersknow
[they’re]partofthis.You’reapartofthethreat
landscape.They’retargetingyou.They’re
nottargetingmysystemsthatI’mtryingto
build,protectanddeploy.They’retargeting
youandusingyouagainstus.They’redoing
adivide-and-conquertypeofattackonus.
Youcanbringtheusersin.Alotoftimes
nowadays,youcanusegamification,letting
usersknowthatthey’repartoftheattack.
Evensharingthingsthathavehappenedinside
oftheorganization[is]verypowerful.Alot
oforganizationsjustaren’tthere.Theydon’t
havetheeducationalawarenesscomponents.
They’restillusingtraditionalmethodsfor
that,whereeveryonegathersinaroom,goes
“The truth is, you get much more effectiveness and return for your money the closer you put your security around what you’re protecting.” -Jason Clark
7 Stages of Advanced Threats© 2013 Information Security Media Group
throughaPowerPointandthey’renotusing
theseadvancedapproaches.Howdoweget
peopleinvolved?Howdowegetpeopleto
careaboutthis?That’sreallyabigquestion
thatwe’relookingatinternaltoIT,and
we’redoingsomecoolthingsinsideofITto
trytoanswerthat,workingwithpartnering
organizations.Howdowegetpeopletobe
partofthis?Howdowegettoknowabout
theseprocessesthatnormally,ifitwasona
PowerPoint,theywouldn’tremember,they
wouldn’tcareandtheywouldwalkoutofthe
roomandmaybetakeadonutwiththemon
thewayout?Howdoweactuallygetthisin
frontofthemandgetthemtobepartofour
team?
Theotherthingonthatend-usernoteis:
Howdoweincentivize?Usinggamification,
goingbacktothat,howdoweactually
rewardpeopleandgetpeopletobepartof
thisprogram?Hollywoodhasdoneagreat
jobofincludinghackingandthattypeof
thing.Canweleveragesomeofthosesame
things?Hackingisacoolconceptnow.It’s
somethingthatpeoplewanttoknowmore
about.It’ssomethingthatboardsofdirectors
aretalkingabout,allthewaydowntopeople.
DidyouhearFacebookgothit?Didyouhear
thatThe New York Timesgothit?Didyou
hearaboutthoseTwitterposts?Thosetypes
ofthingsareverypowerfulforustoleverage
andtoeducatepeopleon.Letthemknow
thisiswhat’shappening.Here’swhat’sgoing
onoutside,andyoucouldbesusceptibleto
this.Thatwouldbeprobablythesumofitall:
People,processandtechnologyareeverything
youneedtofocuson.
CLARK:AsJamessaid,peopleandprocess
isreallystrong.Onthepeopleside,imagine
you’resecuring10,000ofyourusersand
youhaveastaffofeight.Ifyoucouldget
those10,000employeestobeasecurityteam
memberfortwominutesoftheday,everyday,
incentivizingtobepartofthesecurityteam,
allofasuddenyouhaveavolunteerarmy,and
yoursecurityteamandresourcesjustgrewa
thousand-fold.
TheotherthingonthetechnologysideIurge
everybodyisyouhavetogofromthatgood-
enoughsecuritymentality,orthecompliance
securitymentality,tobebesttechnology.You
needtodemandthebestateverysinglething
youbuy,unlessit’sacommodity,unlessit’s
acheck-the-boxthing,likeAV.Thoseforthe
mostpartarecheck-the-boxstuff.Butwhen
itcomestomalware,whenitcomestodata
protectionandit’sreallythemosteffective
controlsyouhave,youcan’tjustdoit[like]the
olddays.
Backin’06and’07,I’vedonethisatother
companiesbypickingmyfavoriteAVvendor
andsaid,“TheeventsfortheAV,canyouwrap
inatthesamepricetheseotherfourorfive
technologies?”Igettocheck-the-boxandI
getabunchofgood-enoughsecurityfora
verycheapprice.OrIbuyfromaguywho’s
anetworkplayer.IbuyfromCiscobecause
they’rethearchitectureplaysoitjustmakes
“We need to … let the end-users know [they’re] part of this. You’re part of the threat landscape. They’re targeting you.” -James Robinson
DATA THEFT
Cybercrime reaches out into internal systems for data to steal.
CALL HOME
Calls home for more malware to expand attack.
DROPPERFILEFILE
If vulnerablity exists, malware dropper fi le is
delivered.
EXPLOIT KIT
User’s system is inspected for an
open vulnerability.
REDIRECT
Funnels and sends the user to a hidden server.
LURE
There are two types of lures:email and web.
RECON
Gather online information
to build targeted lures.
The Seven Stages of Advanced Threatsand Data Theft
7 Stages of Advanced Threats© 2013 Information Security Media Group
sense,butthatdoesn’tworkanymore.You
havetohavethebesttechnologyandthemost
effectivetechnologynowateachstage.
Defending against Advanced Threats FIELD:Jason,let’stalkabouttechnology.
HowdoyouatWebsensesupportyour
customers’defenseagainstadvancedthreats?
CLARK:Thefocusiswehavetomakethem
successful.Theyneedtotrustus.Wehave
tobetheirtrustedadvisersothattheyopen
upandtelluswhatthey’reprotectingand
whatthey’reconcernedabout.Whataretheir
vulnerabilitiesandtheirweaknessessowe
cansitthere,havethatconversationandtryto
developastrategyforthemthat’sgoingtobe
themosteffective?
Thefirststepisgettingthattrustandfocusing
onensuringtheirsuccess,helpingthemalign
withtheirbusinessandhelpingthemalign
withtheexecutivesandtelltheexecutivesnot
thefunstuff,notthe,“Ohmygosh;everything
isonfire;wemightgetcompromised,”but
justbreakingdown,“Herearethethreats,
thewholethreat-modelingstuffwe’vetalked
about,andhereiswherewe’reat.We’re
compliant,buthere’swhatI’mworriedabout
today,”andthentakingthattothetechnology
spaceandunderstandingthat.
Wehavedevelopedanadvancedthreat
securityarchitecturethatweshareandhave
alotofothertechnologiesinit.Italked
aboutthe30CISOs,goodfriendsofoursin
theFortune500,andwegrabbedaCISO
thateverydaythey’resuccessfulagainst
advancedattacks.Theymighthavehada
compromise,butthey’vebeatenthebad
guysout.They’rewinninginthewar.We’ve
mappedhowthey’rewinningandwe’vebuilt
thisframeworkthatseemstobeconsistently
howthetoporganizationsarewinningthe
war.We’renowsharingthatframeworkwith
ourcustomers,or,forthatmatter,anyheadof
securityinaFortune1000thatreachesoutto
us.Wewanttoshareandwewanttohelpthe
securitycommunitybesuccessfultogether.
Thisframeworkbreaksdowntheten
differenttechnologiesthattheyneedto
dotobesuccessfulinthepeople,process
andtechnologystuff,andtrynewproducts
atWebsense.Ourweb-securitystuff,our
threatprotection,cloudprotection,andthe
endpoint,thelaptopsandthemobiledevices,
aswellasourspear-phishprotectionand
ourdata-theftprotectiontools,arevery,very
criticaltothoseFortune500customers.Many
ofthemwilltellyouit’sthesecret.It’sthe
number-onewaythatthey’recatchingthe
badguyseverysingleday,whetherthey’re
externalbadguysorinternalbadguys.n
Websense, Inc. is a global leader in protecting organizations from the latest cyber-attacks and data
theft. Websense TRITON comprehensive security solutions unify web security, email security, mobile
security and data loss prevention (DLP) at the lowest total cost of ownership. Tens of thousands
of enterprises rely on Websense TRITON security intelligence to stop advanced persistent threats,
targeted attacks and evolving malware. Websense prevents data breaches, intellectual property theft
and enforces security compliance and best practices.
LISTEN TO THE INTERVIEW
http://www.bankinfosecurity.com/interviews/7-stages-advanced-threats-i-1912
“You have to go from that good-enough security mentality, or the compliance security mentality, to be best technology.” -Jason Clark
7 Stages of Advanced Threats© 2013 Information Security Media Group
4 Independence Way • Princeton, NJ • 08540 • www.ismgcorp.com
About ISMG
Headquartered in Princeton, New Jersey, Information Security Media Group, Corp. (ISMG) is a media company focusing on Information Technology Risk Management for vertical industries. The company provides news, training, education and other related content for risk management professionals in their respective industries.
This information is used by ISMG’s subscribers in a variety of ways —researching for a specific information security compliance issue, learning from their peers in the industry, gaining insights into compliance related regulatory guidance and simply keeping up with the Information Technology Risk Management landscape.
Contact
(800) 944-0401 [email protected]