In 2008, Russia orchestrated an attack that disrupted Internet communications in Georgia several weeks before invading the country.
Without cooperation from the Russian government, arresting hackers in the country is nearly impossible. Therefore, U.S. companies have to change their security paradigm from keeping hackers out to catching them once they are in the computer network.
The first step is to collect intelligence on the most likely attackers and then perform penetration testing on critical software most likely to be on the path hackers would take in the network, Kellermann said.
Second, spending should be less concentrated on antivirus software, firewalls and intrusion detection systems and should shift to technology that detects malware and its lateral movement within a network.