Operator industry attack and defense drill solution

Industry status

In the era of "big security", APT attacks have become the biggest threat at the national level. APT attacks are often launched by state-backed cyber forces. The entry of these forces has changed who the opponents are in network attack and defense, and the attack patterns have changed with them. The imbalance between attack and defense poses many challenges for network security enterprises. Faced with the current severe network security situation, operators attach great importance to preventing the related risks. Operators undertake security assurance tasks for important national activities, and at the same time cooperate with the various regulatory authorities in security inspections and attack and defense drills. How to effectively raise their own security management level, and how to cope with attack and defense drills becoming routine, are severe challenges that operators face in the era of big security.

Solution

To raise their own security management level and cope with attack and defense drills becoming routine, the effective solutions are:

1. Improve overall security defense awareness through security awareness training for all employees;

2. Improve the technical strength of security protection through offensive and defensive training for technical personnel;

3. Improve the ability to detect and handle threats through real-network attack and defense drills for security personnel.

(1) Security awareness training

1. Security awareness assessment

360 assesses the security awareness level of all personnel through questionnaires or topic tests, and develops security training plans based on the overall state of security awareness.

2. Personal information security training

Drawing on years of accumulated security knowledge, 360 provides systematic personal information security training covering phishing prevention, password protection, account security, information leakage and identification, communication fraud prevention, etc., along with explanation and analysis of social engineering cases.

3. Office security training

360 conducts office security training for the office environment, tailored to the characteristics of operators. It covers software use security, remote office security, prevention of prevalent viruses, e-mail virus prevention, wireless and mobile security, etc., and explains and analyzes current APT security incidents.

4. Security awareness measurement

360 assesses employees' security awareness using simulated phishing email attacks, simulated social engineering attacks and simulated wireless attacks, to verify the effectiveness of the security awareness training.

(2) Offensive and defensive practice training

360's hands-on attack and defense training uses the 360 virtual attack and defense range system as its training ground. It builds a simulation environment according to the characteristics of the operator's business systems and reproduces typical business scenarios and systems in specific domains. Using the virtual target library and vulnerability library of the 360 virtual attack and defense range, it builds attack and defense experiment scenarios to verify vulnerability exploitation and attack penetration behavior.

Hands-on attack and defense training improves technical personnel's practical security operation ability, deepens defenders' understanding of attack penetration behavior, helps technical personnel consolidate their security protection experience, and achieves "knowing attack and good defense".

(3) Real network attack and defense drill

The real network attack and defense drill is based on 360's new-generation real network attack and defense range platform, which gives the operator a place to rehearse and verify before major security assurance tasks and attack and defense drills. Through the platform, operators run offensive and defensive drills in the real network environment, improving the security defense team's security incident monitoring and analysis capability and its response and disposal efficiency, and verifying how efficiently security plans and response processes are carried out.

Through real network attack and defense drills, operators can quickly understand the state of their defenses, strengthen security in a targeted way, and verify the effectiveness of protective measures and disposal.

Programme value

  • Fully complies with national level protection and industrial control security protection requirements;

  • Gives equal weight to technology and management, with attention to overall integration;

  • Has defense-in-depth capability and provides overall security assurance capability;

  • Organically combines various security products, focusing on overall security prevention capability;

  • Supports multiple application system platforms, with a clear system hierarchy and all subsystems working together.