According to many articles, “Mandiant is the Alexandria security company that's authored a report linking an ongoing series of cyberattacks on U.S. and foreign corporations and entities to the Chinese military.” Their expertise, to me, would be the ability to “trace the attacks to a Chinese military unit known as "Advanced Persistent Threat 1," or APT1” (Terry, 2013). “It provides security incident management products and services to major financial institutions and Fortune 100 companies” (Mandiant, n.d.).
It “is an acknowledged leader in endpoint security, incident response, and remediation, with more than two million endpoints installed globally. As a trusted security advisor to more than one-third of the Fortune 100, Mandiant’s experts have responded to hundreds of high-profile security incidents and bring deep security and incident response expertise to FireEye” (FireEye, 2014).
According to the article “Six Reasons Why Attackers Successfully Exploit the Security Gap,” I would have to say the areas a company should focus on would be the employees first, as more and more “attacks are coming from the inside” (Brito, 2013). Our organization just had a few hundred employees open a virus through e-mail (which I thought would be considered a more 80’s virus). You always think employees are going to eventually “get it” with viruses and opening up phishing e-mails, but it’s not true. Educating the employees is a forever thing to keep up to date. These few things are crucial to keeping an organization sound. If the employees are educated to understand the importance of a virus or phishing e-mails, it can protect the business. It is realized that the focus on these items can reduce the overall threat; I believe it is equally important to include this in a risk assessment.
Other than the obvious (employee awareness), the initial focus should be on the “development of new, significantly upgraded or breached programs, systems, services and physical spaces” (Security, n.d.); “cause integrity loss by creating, deleting, and/or modifying data on publicly accessible information and information by externally located interception of wireless network traffic” (NIST, n.d.).