Advanced Persistent Threats Awareness and Readiness: A Case Study in Malaysian
                                                   Financial Institutions


                                      Zeti Suhana Zainudin & Nurul Nuha Abdul Molok


                                                          Abstract



               Advanced  Persistent  Threats  (APT)  has  targeted  the  financial  institutions  (FI)  for
               intelligence gathering on sensitive customer information and monetize the attack. APT
               could cause disastrous impact to the targeted FI and the country’s economy if there is a
               lack of preparation to confront these challenges and attacks. A case study on local FI
               was  carried  out  to  examine  the  influencing  factors  of  APT  awareness  among  FI’s
               cybersecurity practitioners and to investigate the security strategies employed by FI to
               protect  them  from  APT  attacks.  Feedback  from  CyberSecurity  Malaysia  (CSM)  was
               sought  to  validate  the  findings.  It  was  found  that  the  factors  that  influence  APT
               awareness  in  local  FI  include  the  emphasis  on  informal  learning  on  APT,  attackers’
               financial motivation, the FI’s reputational risks and the availability of financial regulatory
               requirements to combat any cybersecurity risks. The awareness has led cybersecurity
               practitioners  in  local  FI  to  implement  advanced  security  technologies  and  integrated
               security controls as their readiness to defend FI against APT attacks.























                                                                                                           12