Companies can then turn to their login monitoring tools to determine whether the credentials of people using those computers have been misused, Dooley said.
The response companies take to a potential breach should be tailored to the individual organization, since the threats posed by an attack will vary, depending on the company, Dooley said.
"It's really about finding something (a response) that's appropriate for that particularly company," Dooley said. "The larger struggle we have in security is understanding the problems in a nuanced way and an appropriate way for the company that we're working with."
Sign up for CIO Asia eNewsletters.