{"id":24962,"date":"2025-07-15T19:52:10","date_gmt":"2025-07-15T14:22:10","guid":{"rendered":"https:\/\/ivaluegroup.com\/en-in\/?p=24962"},"modified":"2025-07-16T00:44:05","modified_gmt":"2025-07-15T19:14:05","slug":"control-maturity-the-best-defence-against-apt36","status":"publish","type":"post","link":"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/control-maturity-the-best-defence-against-apt36\/","title":{"rendered":"Control Maturity: The Best Defence Against APT36"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"24962\" class=\"elementor elementor-24962\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0ee6591 e-flex e-con-boxed e-con e-parent\" data-id=\"0ee6591\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-82736f7 elementor-widget elementor-widget-text-editor\" data-id=\"82736f7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 26-03-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<p><span style=\"color: #000000;\">India has been under attack in 2025 &#8211; both on-ground &amp; online. During the time period of the Pahalgam attack and Operation Sindoor, the country\u2019s essential systems faced high volumes of state-sponsored cyberattacks from groups backed by adversarial nations. Many outfits have been involved, yet the flag-bearers of these attacks are Pakistan-backed APT36, also known as the \u2018Transparent Tribe\u2019.<\/span><\/p><p><span style=\"color: #000000;\">APT36 have spent most of the year trying to cripple India\u2019s critical infrastructure:<\/span><\/p><ul><li><span style=\"color: #000000;\">Back in March, before the Pahalgam attack, they spoofed the India Post website to infect Indian Windows &amp; Android users with malware.<\/span><\/li><li><span style=\"color: #000000;\">Immediately following the Pahalgam attack in late April, the group launched a sophisticated phishing campaign aimed at infiltrating India\u2019s defence networks. Exploiting the heightened emotions at that time was their way of building trust &amp; urgency, and they used tactics like deploying credential-harvesting RATs, screenshot capture and keystroke logging to gain access.<\/span><\/li><li><span style=\"color: #000000;\">Then, between May 7-10, they coordinated with 35 other hacktivist groups to launch an all-out offensive, launching over 15 lakh cyberattacks at India\u2019s critical infrastructure (with 150+ being successful) and executing over 650 confirmed DDoS &amp; defacement events.<\/span><\/li><li><span style=\"color: #000000;\">They were back at it again in June, with a credential-stealing campaign that involved mimicking NIC documents.<\/span><\/li><\/ul><p><span style=\"color: #000000;\">It seems like they\u2019re not stopping anytime soon, and there\u2019s a chance they may amp it up even further. As an Indian organization, you have to be wholly prepared for their attacks.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-b6537d9 e-flex e-con-boxed e-con e-parent\" data-id=\"b6537d9\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0c687c8 elementor-widget elementor-widget-heading\" data-id=\"0c687c8\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 26-03-2024 *\/\n.elementor-heading-title{padding:0;margin:0;line-height:1}.elementor-widget-heading .elementor-heading-title[class*=elementor-size-]>a{color:inherit;font-size:inherit;line-height:inherit}.elementor-widget-heading .elementor-heading-title.elementor-size-small{font-size:15px}.elementor-widget-heading .elementor-heading-title.elementor-size-medium{font-size:19px}.elementor-widget-heading .elementor-heading-title.elementor-size-large{font-size:29px}.elementor-widget-heading .elementor-heading-title.elementor-size-xl{font-size:39px}.elementor-widget-heading .elementor-heading-title.elementor-size-xxl{font-size:59px}<\/style><h2 class=\"elementor-heading-title elementor-size-default\">The Controls Attackers Try To Control<span style=\"font-size: 2.5rem; font-style: inherit;\"><\/span><\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d2f0e60 e-flex e-con-boxed e-con e-parent\" data-id=\"d2f0e60\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-a6b34f5 elementor-widget elementor-widget-text-editor\" data-id=\"a6b34f5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Groups like APT36 are known to use long-term, persistent tactics targeted at an organization\u2019s weakest security controls:<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-29ea1ca elementor-widget elementor-widget-image\" data-id=\"29ea1ca\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! elementor - v3.20.0 - 26-03-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"1024\" height=\"790\" src=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-1024x790.png\" class=\"attachment-large size-large wp-image-24966\" alt=\"\" srcset=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-1024x790.png 1024w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-300x232.png 300w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-768x593.png 768w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-1536x1185.png 1536w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-2048x1580.png 2048w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-24x19.png 24w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-36x28.png 36w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Common-Weak-Controls-48x37.png 48w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ebeb38d e-flex e-con-boxed e-con e-parent\" data-id=\"ebeb38d\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e43d6e5 elementor-widget elementor-widget-heading\" data-id=\"e43d6e5\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Lessons From APT36\u2019s Tactics<span style=\"font-size: 2.5rem; font-style: inherit;\"><\/span><\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ba7b3aa e-flex e-con-boxed e-con e-parent\" data-id=\"ba7b3aa\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0a8a01d elementor-widget elementor-widget-text-editor\" data-id=\"0a8a01d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">By understanding their patterns and tactics, there are lots of lessons to be learned for Indian organizations when it comes to crafting their cybersecurity strategies:<\/span><\/p><p>\u00a0<\/p><p><span style=\"color: #000000;\"><b>Layer Your Defences: <\/b>APT36 doesn\u2019t just target one control at a time &#8211; their most devastating campaigns are multi-pronged in nature. Take an example with some of the aforementioned weak controls to see the cascading effect: they gain access through insufficient password policies &amp; lack of MFA, then move laterally with ease across systems due to poor network segmentation, and wreak havoc while remaining undetected due to lack of effective monitoring. Their layered attacks need to be matched with layered defences of your own. That doesn\u2019t mean getting as many security controls as possible &#8211; it\u2019s about getting best-in-class solutions that tackle all the attack vectors your organization could face together.<\/span><\/p><p>\u00a0<\/p><p><span style=\"color: #000000;\"><b>Move From Reactive To Proactive:<\/b> By the time groups like APT36 are inside your systems, it\u2019s already too late. With that access, they could inflict damage upon your organization and the country as a whole. Therefore, reactive threat response should be made proactive through an effective threat hunting &amp; threat intelligence strategy across all your controls, that monitor for anomalies and incidents. That way, you address potential attacks right at the outset before they cascade and get worse.<\/span><\/p><p>\u00a0<\/p><p><span style=\"color: #000000;\"><b>Get A Unified View: <\/b>Ultimately, all these improved controls and threat intelligence platforms don\u2019t amount to anything if they work in silos. You need a single platform that perpetually governs all these activities and gives you a unified view into threat insights as and when they are identified.<\/span><\/p><p>\u00a0<\/p><p><span style=\"color: #000000;\">So, how does your organization go about making a portfolio of layered, proactive solutions with a unified view?\u00a0<\/span><\/p><p><span style=\"color: #000000;\">How do you go about crafting the solid cyber defence India needs in its critical infrastructure organizations during this time?<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-08c131b e-flex e-con-boxed e-con e-parent\" data-id=\"08c131b\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-75c9d14 elementor-widget elementor-widget-heading\" data-id=\"75c9d14\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Build Control Maturity Within Your Organization<span style=\"font-size: 2.5rem; font-style: inherit;\"><\/span><\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-be8e4d4 e-flex e-con-boxed e-con e-parent\" data-id=\"be8e4d4\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-92b53e8 elementor-widget elementor-widget-text-editor\" data-id=\"92b53e8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Control maturity measures the strength &amp; reliability of your security controls over time, with processes to ensure linear growth for each control. There are many guidelines out there to measure it, but the prevailing one resides in the NIST Cybersecurity Framework. This divides each security control\u2019s maturity into 4 tiers:<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-2c0effc e-flex e-con-boxed e-con e-parent\" data-id=\"2c0effc\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b621ca7 elementor-widget elementor-widget-image\" data-id=\"b621ca7\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1024\" height=\"686\" src=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-1024x686.png\" class=\"attachment-large size-large wp-image-24967\" alt=\"\" srcset=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-1024x686.png 1024w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-300x201.png 300w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-768x514.png 768w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-1536x1029.png 1536w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-2048x1372.png 2048w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-24x16.png 24w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-36x24.png 36w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tier-48x32.png 48w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-d8f7d05 e-flex e-con-boxed e-con e-parent\" data-id=\"d8f7d05\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-e8185b5 elementor-widget elementor-widget-text-editor\" data-id=\"e8185b5\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Let\u2019s take the example of a specific control &#8211; your authentication policies &#8211; to show you how it evolves from low maturity to high maturity:<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-1a935a6 e-flex e-con-boxed e-con e-parent\" data-id=\"1a935a6\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-928727f elementor-widget elementor-widget-image\" data-id=\"928727f\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"1024\" height=\"384\" src=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-1024x384.png\" class=\"attachment-large size-large wp-image-24971\" alt=\"\" srcset=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-1024x384.png 1024w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-300x112.png 300w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-768x288.png 768w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-1536x576.png 1536w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-2048x768.png 2048w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-24x9.png 24w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-36x13.png 36w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Maturity-Tiers-Example-48x18.png 48w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-cdfcd8f e-flex e-con-boxed e-con e-parent\" data-id=\"cdfcd8f\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-a7670d9 elementor-widget elementor-widget-text-editor\" data-id=\"a7670d9\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">So, how do you go about building control maturity for all the security controls that groups like APT36 try to exploit?<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-055a487 e-flex e-con-boxed e-con e-parent\" data-id=\"055a487\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-fd35d2c elementor-widget elementor-widget-heading\" data-id=\"fd35d2c\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Creating A Roadmap For High Control Maturity<span style=\"font-size: 2.5rem; font-style: inherit;\"><\/span><\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-a8ddbad e-flex e-con-boxed e-con e-parent\" data-id=\"a8ddbad\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6b33abf elementor-widget elementor-widget-text-editor\" data-id=\"6b33abf\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4><span style=\"color: #000000;\">Step 1: Identify your most vulnerable controls<\/span><\/h4>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-8c514c6 e-flex e-con-boxed e-con e-parent\" data-id=\"8c514c6\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-6374a27 elementor-widget elementor-widget-text-editor\" data-id=\"6374a27\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Groups like APT36 have preferences in terms of controls they like to target. Many of them have been mentioned in the chart above, but each organization is different in terms of the kinds of specific vulnerabilities they have. The first thing to do would be conducting a general vulnerability assessment across your entire digital infrastructure &#8211; a tool like Tenable Nessus (which we at iValue provide in our control maturity suite) is the perfect starting point to identify your most vulnerable controls.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-1844607 e-flex e-con-boxed e-con e-parent\" data-id=\"1844607\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-0b43c4a elementor-widget elementor-widget-text-editor\" data-id=\"0b43c4a\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4><span style=\"color: #000000;\">Step 2: Know which maturity tier you\u2019re in for every control<\/span><\/h4>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-904d03d e-flex e-con-boxed e-con e-parent\" data-id=\"904d03d\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-ca77285 elementor-widget elementor-widget-text-editor\" data-id=\"ca77285\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Now that you\u2019ve identified them, it\u2019s time to check where each control is in the maturity tiers, from Tier 1 to Tier 4. Doing this exercise for all controls will help you further prioritize which controls need the most time devoted to making them mature.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-83fc8bb e-flex e-con-boxed e-con e-parent\" data-id=\"83fc8bb\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b2151f4 elementor-widget elementor-widget-text-editor\" data-id=\"b2151f4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4><span style=\"color: #000000;\">Step 3: Create an implementation strategy to hit high maturity levels for each control<\/span><\/h4>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-3f79b74 e-flex e-con-boxed e-con e-parent\" data-id=\"3f79b74\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-66eec0e elementor-widget elementor-widget-text-editor\" data-id=\"66eec0e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">After conducting all these assessments, it\u2019s finally time to start implementation. To achieve high maturity for all your controls, best-in-breed solutions must be used for each &#8211; something iValue specializes in.\u00a0All these solutions are tailored to give your organization a proactive approach to identifying threats &#8211; the key is to feed all that threat intelligence into a 24&#215;7 Security Operations Centre (SOC) that monitors &amp; responds to any incidents as and when they arrive. This unified view is critical in improving the respective maturity levels of all your controls &#8211; a view we at iValue provide with our best-in-class managed SOC.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-ea8423e e-flex e-con-boxed e-con e-parent\" data-id=\"ea8423e\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-b5bb5d8 elementor-widget elementor-widget-text-editor\" data-id=\"b5bb5d8\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h4><span style=\"color: #000000;\">Step 4: Periodically audit to ensure continuous improvement\u00a0<\/span><\/h4>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-b677eec e-flex e-con-boxed e-con e-parent\" data-id=\"b677eec\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-256ea9e elementor-widget elementor-widget-text-editor\" data-id=\"256ea9e\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><span style=\"color: #000000;\">Set time periods when you re-evaluate these controls and ascertain where they currently are in the maturity level. It is important to know that the job isn\u2019t done even when your controls reach Tier 4 maturity. Attack groups like APT36 use state-of-the-art tactics for their approaches, so to stay in Tier 4, you must continuously improve these controls to match current (&amp; future) threat trends. We at iValue offer control maturity audits that go in-depth into what you should be doing to optimize these controls.<\/span><\/p><p><span style=\"color: #000000;\">It\u2019s a roadmap that will make you fully prepared to combat all kinds of cyber threats &#8211; <a href=\"https:\/\/ivaluegroup.com\/en-in\/contact-us\/\">click her<\/a>e to give your organization the best Control Maturity India has to offer with iValue\u2019s suite.<\/span><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t<div class=\"elementor-element elementor-element-e23db4a e-flex e-con-boxed e-con e-parent\" data-id=\"e23db4a\" data-element_type=\"container\" data-core-v316-plus=\"true\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t\t\t<div class=\"elementor-element elementor-element-236b9cc elementor-widget elementor-widget-image\" data-id=\"236b9cc\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"947\" src=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-1024x947.png\" class=\"attachment-large size-large wp-image-24980\" alt=\"\" srcset=\"https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-1024x947.png 1024w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-300x277.png 300w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-768x710.png 768w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-1536x1420.png 1536w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-2048x1894.png 2048w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-24x22.png 24w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-36x33.png 36w, https:\/\/ivaluegroup.com\/en-in\/wp-content\/uploads\/sites\/2\/2025\/07\/Cybersecurity-Solutions-for-Weak-Controls-1-48x44.png 48w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>India has been under attack in 2025 &#8211; both on-ground &amp; online. During the time period of the Pahalgam attack and Operation Sindoor, the country\u2019s essential systems faced high volumes of state-sponsored cyberattacks from groups backed by adversarial nations. Many outfits have been involved, yet the flag-bearers of these attacks are Pakistan-backed APT36, also known &hellip;<\/p>\n<p class=\"read-more\"> <a class=\"\" href=\"https:\/\/ivaluegroup.com\/en-in\/resources\/blogs\/control-maturity-the-best-defence-against-apt36\/\"> <span class=\"screen-reader-text\">Control Maturity: The Best Defence Against APT36<\/span> Read More \u00bb<\/a><\/p>\n","protected":false},"author":1,"featured_media":20195,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"site-sidebar-layout":"default","site-content-layout":"default","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"default","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","footnotes":"","_links_to":"","_links_to_target":""},"categories":[131],"tags":[511,532,533,202,256,146],"whitepapers":[],"case_studies":[],"acf":[],"_links":{"self":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/24962"}],"collection":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/comments?post=24962"}],"version-history":[{"count":16,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/24962\/revisions"}],"predecessor-version":[{"id":24983,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/posts\/24962\/revisions\/24983"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/media\/20195"}],"wp:attachment":[{"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/media?parent=24962"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/categories?post=24962"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/tags?post=24962"},{"taxonomy":"whitepapers","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/whitepapers?post=24962"},{"taxonomy":"case_studies","embeddable":true,"href":"https:\/\/ivaluegroup.com\/en-in\/wp-json\/wp\/v2\/case_studies?post=24962"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}