Found this on Bruce Schneir's blog. The NSA's head of Targeted Access Operations tells security convention-goers how to defend against penetration and exploit by nation state attackers and other Advanced Persistent Threat actors. This is straight from the horse's mouth. If you have any responsibility for the security of any organization's data, you should watch this video and take his suggestions to heart.


No, doing what he said will not make you invulnerable to attack. There are no magic wands to wave, no Easy Buttons to hit. It's hard, it's expensive, but it's what works best if you need to defend information assets.


You may be surprised to know that what he says is not particularly revolutionary from a security best-practices perspective. He simply validates what we in the security community have been saying for years. Know your network, keep your software updated, measure and monitor what you do and make constant improvements to your processes. I'm greatly oversimplifying, but those are the basic themes.


As we all know, nothing will stop a determined attacker with sufficient time and resources. However, that is not an excuse to simply throw up our hands and abdicate our responsibilities. Though we can't stop everyone, we can stop some. Those we can't stop, we can slow down. We can also monitor our systems well enough to know when they get through our defenses and take measures to remove compromised resources from our environments.


USENIX Enigma 2016 - NSA TAO Chief on Disrupting Nation State Hackers - YouTube