The eagle has landed – what happens next?

Understanding the behaviour of attackers once the ‘eagle has landed’ – after they have penetrated your systems – is not about preventing attacks but rather focusing on what happens once hackers gain access to your networks. In the first part of this two-part article we started by reviewing the changing threat vectors and objectives. Now we look at how organisations can classify and counter these developing threats. Understanding the behaviour of attackers after they have penetrated your systems is not about preventing attacks but rather focusing on what happens once they have access to your networks. In this second part of a two-part article, Tracey Caldwell looks at how organisations can classify and counter developing threats. Sharing intelligence is crucial, but it's important to strike a balance between the benefit of information sharing and the risk of tipping off attackers that the organisation is on to them.