"Encryption is key," Petraglia continues. Encrypt all data in transit and at rest. Don't make it easy for the hackers to get the data. Follow egress traffic to where it terminates in so far as it is possible. Watch the packet sizes leaving the enterprise as well as their destinations. Watch for unexpected sizes and destinations.
Use a tiered security architecture with different security protocols and entirely different security devices at every level. "The firewalls at different layers should not all come from the same vendor," says Petraglia; "they should be three different versions of firewalls from three different companies." This helps to prevent an attacker from breaking through multiple layers of security using the same kind of attack on the same kind of vulnerability at all layers.
According to Kashyap, the threat landscape has changed over the last few years. "Hackers know the perimeter is well protected so they compromise the employees. Companies that care about their intellectual property should invest in security technology that assumes their employees are gullible and will make mistakes like the end users made during these state-sponsored attacks," says Kashyap.
Enterprises should reevaluate any legacy security tools because the hackers' approaches are more advanced than the capabilities of these tools. "Use multiple tools to recognize anomalous behavior," says Kashyap. Isolate the behavior and don't permit it to proceed any further on the network.
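The advice above to watch egress sizes and destinations and to recognize anomalous behavior can be sketched as a per-destination baseline check over flow records. This is an added example, not code from the article or from the people quoted in it; the flow records, host names, thresholds and function names are constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed flow records (not real traffic): (internal host, destination IP, bytes out).
BASELINE_FLOWS = [
    ("ws-01", "203.0.113.10", 4200), ("ws-02", "203.0.113.10", 3900),
    ("ws-01", "203.0.113.10", 4500), ("ws-03", "203.0.113.10", 4100),
    ("ws-02", "198.51.100.7", 800), ("ws-03", "198.51.100.7", 950),
    ("ws-01", "198.51.100.7", 870), ("ws-02", "198.51.100.7", 910),
]
NEW_FLOWS = [
    ("ws-01", "203.0.113.10", 4300),    # known destination, normal size
    ("ws-02", "198.51.100.7", 250000),  # known destination, unusual size
    ("ws-03", "192.0.2.55", 1200),      # destination never seen before
]

MIN_SAMPLES = 4    # assumed: with fewer samples, size is not judged
Z_THRESHOLD = 3.0  # assumed: standard deviations beyond which a size is flagged


def build_baseline(flows):
    """Map each destination to (mean, standard deviation, sample count) of bytes out."""
    sizes = defaultdict(list)
    for _host, dest, nbytes in flows:
        sizes[dest].append(nbytes)
    return {d: (mean(v), pstdev(v), len(v)) for d, v in sizes.items()}


def find_anomalies(baseline, flows):
    """Return (host, dest, bytes, reason) for each flow that departs from the baseline."""
    alerts = []
    for host, dest, nbytes in flows:
        if dest not in baseline:
            alerts.append((host, dest, nbytes, "unexpected destination"))
            continue
        avg, sd, count = baseline[dest]
        if count < MIN_SAMPLES:
            continue  # not enough history to judge size for this destination
        # Floor the deviation so a perfectly uniform baseline cannot divide by zero.
        z = abs(nbytes - avg) / max(sd, 1.0)
        if z > Z_THRESHOLD:
            alerts.append((host, dest, nbytes, "unexpected size"))
    return alerts


if __name__ == "__main__":
    for alert in find_anomalies(build_baseline(BASELINE_FLOWS), NEW_FLOWS):
        print(alert)
```

In practice the baseline would come from exported firewall or NetFlow records over a representative period, and each alert would feed the isolation step the article describes.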