This book explains the nature of the security phenomenon known as the advanced persistent threat (APT). It also provides helpful advice on how to assess the risk of an APT to the organization and recommends practical measures that can be taken to prevent, detect and respond to such an attack. In addition, it highlights key differences between the controls needed to counter the risk of an APT attack and those commonly used to mitigate everyday information security risk. This book is designed primarily for security managers, IT managers, IT auditors and students studying for computer science or information security qualifications. It is written in clear, nontechnical language so it will also be of value to business managers and government officials responsible for valuable intellectual assets or critical services that might be the target of an APT attack.