In security response, practice makes perfect

02.10.2012

"It's possible for organizations to monitor the application traffic, looking for certain combinations of error responses, anomalies in time patterns, variations in the spacing of access, etc.," Cianfrocca said. "This may be easier said than done though, as an organization will need to look for patterns of application access which are out of character for the app, which will require statistical modeling of how the app is supposed to perform."

While it may take the industry some time to get there, the goal is a statistical model of normal application use: collect baseline data on how the app is actually accessed, then compare live traffic against that baseline to detect anything out of character.
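As an added illustration of the kind of modeling Cianfrocca describes (this is example code, not anything from the article or the vendors quoted), the following Python builds a crude "normal" profile from a training window of application access logs and then flags clients in a later window whose error share or request spacing sits far outside it. The log format, the client addresses and the two-feature model are assumptions constructed for the example.

```python
import re
import statistics
from collections import defaultdict
from datetime import datetime

# Constructed sample logs (not real traffic): "timestamp client method path status".
# The training window is assumed to be clean; the later window contains one
# client hammering /login with one-second spacing and mostly 401 responses.
TRAINING_LOG = """\
2012-02-10T09:00:00 10.0.0.5 GET /account 200
2012-02-10T09:00:31 10.0.0.5 GET /account/orders 200
2012-02-10T09:01:05 10.0.0.5 POST /account/update 200
2012-02-10T09:01:48 10.0.0.5 GET /account/invoice/42 404
2012-02-10T09:02:20 10.0.0.5 GET /logout 200
2012-02-10T09:05:00 10.0.0.6 GET / 200
2012-02-10T09:05:45 10.0.0.6 GET /catalog 200
2012-02-10T09:06:20 10.0.0.6 GET /catalog/item/7 200
2012-02-10T09:07:00 10.0.0.6 POST /cart 200
2012-02-10T09:10:00 10.0.0.7 GET / 200
2012-02-10T09:10:20 10.0.0.7 GET /search 200
2012-02-10T09:11:00 10.0.0.7 GET /search 500
2012-02-10T09:11:30 10.0.0.7 GET /search 200
2012-02-10T09:12:10 10.0.0.7 GET /catalog/item/3 200
2012-02-10T09:15:00 10.0.0.8 GET / 200
2012-02-10T09:15:50 10.0.0.8 GET /catalog 200
2012-02-10T09:16:30 10.0.0.8 GET /logout 200
"""

ATTACK_WINDOW_LOG = """\
2012-02-10T09:20:00 10.0.0.5 GET /account 200
2012-02-10T09:20:40 10.0.0.5 GET /account/orders 200
2012-02-10T09:21:15 10.0.0.5 GET /logout 200
2012-02-10T09:20:00 10.0.0.9 POST /login 401
2012-02-10T09:20:01 10.0.0.9 POST /login 401
2012-02-10T09:20:02 10.0.0.9 POST /login 401
2012-02-10T09:20:03 10.0.0.9 POST /login 401
2012-02-10T09:20:04 10.0.0.9 POST /login 401
2012-02-10T09:20:05 10.0.0.9 POST /login 200
2012-02-10T09:22:00 10.0.0.10 GET / 200
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")

# Floors on the spread so a near-constant feature in training does not flag trivial drift.
SPREAD_FLOOR = {"error_share": 0.05, "median_gap": 5.0}


def parse(log_text):
    """Yield (timestamp, client, method, path, status) per line; malformed lines are skipped."""
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, client, method, path, status = m.groups()
        yield datetime.fromisoformat(ts), client, method, path, int(status)


def client_features(log_text):
    """Per-client features: share of 4xx/5xx responses and median seconds between requests."""
    by_client = defaultdict(list)
    for ts, client, _method, _path, status in parse(log_text):
        by_client[client].append((ts, status))
    features = {}
    for client, events in by_client.items():
        events.sort()
        statuses = [s for _, s in events]
        error_share = sum(1 for s in statuses if s >= 400) / len(statuses)
        gaps = [(b - a).total_seconds() for (a, _), (b, _) in zip(events, events[1:])]
        # A client seen only once has no spacing to measure; leave that feature unset.
        median_gap = statistics.median(gaps) if gaps else None
        features[client] = {"error_share": error_share, "median_gap": median_gap}
    return features


def build_baseline(training_log):
    """Model 'normal' as mean and (floored) standard deviation of each feature across clients."""
    feats = [f for f in client_features(training_log).values() if f["median_gap"] is not None]
    baseline = {}
    for name, floor in SPREAD_FLOOR.items():
        values = [f[name] for f in feats]
        baseline[name] = (statistics.mean(values), max(statistics.pstdev(values), floor))
    return baseline


def flag_out_of_character(window_log, baseline, z_threshold=3.0):
    """Return {client: reasons} for clients more than z_threshold sigma from baseline
    in the suspicious direction: more errors than usual, or much tighter request spacing."""
    flagged = {}
    for client, f in client_features(window_log).items():
        reasons = []
        mean, std = baseline["error_share"]
        if (f["error_share"] - mean) / std > z_threshold:
            reasons.append("error_share=%.2f" % f["error_share"])
        if f["median_gap"] is not None:
            mean, std = baseline["median_gap"]
            if (mean - f["median_gap"]) / std > z_threshold:
                reasons.append("median_gap=%.1fs" % f["median_gap"])
        if reasons:
            flagged[client] = reasons
    return flagged


if __name__ == "__main__":
    for client, reasons in flag_out_of_character(ATTACK_WINDOW_LOG, build_baseline(TRAINING_LOG)).items():
        print(client, "out of character:", ", ".join(reasons))
```

Two features and a z-score are the minimum that makes the point; a production model would add per-endpoint profiles, time-of-day seasonality and a training window long enough that the spread is not dominated by a handful of clients, which is the "easier said than done" part of the quote.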

* Get back online: Once an attack has been spotted, the affected systems need to be brought back to known good states. This is where safe, secure backups are required; this is where a solid disaster recovery plan becomes invaluable.

"Organizations need to plan, create and be prepared to utilize secure, continuous backups," says Dmitriy Ayrapetov, director of product management at Dell SonicWALL. "Don't forget, the backups must have been scanned for previously compromised systems before being restored, otherwise you open things right back up again."

One option that is getting more attention of late is . "We're seeing a lot of movement from internal recovery models to one in which the cloud is used to provide equivalent recovery capabilities delivered as a service," said Mike Gault, CEO of Guardtime. "When the data is being restored, organizations are demanding that the service providers maintain independent proof that their data has not been changed, manipulated or otherwise tampered with -- this must be achieved through the use of technology capable of delivering such proof."
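The two requirements raised above, checking backups before they are restored and holding proof that the data has not been altered, can be combined into a pre-restore integrity gate. The following Python is an added example, not the article's or Guardtime's technology: it records a SHA-256 digest of every file in a backup set in a manifest authenticated with an HMAC, and refuses to approve a restore if the manifest does not verify or any file differs from what was recorded. Independence is approximated here by keeping the MAC key with the verifier rather than on the backed-up host; the key, file names and contents are all constructed assumptions.

```python
import hashlib
import hmac
import json

# Assumed for the example: this key lives with the party that verifies restores
# (e.g. the DR team or a separate service), never on the host being backed up,
# so whoever alters a backup cannot also forge the proof.
VERIFIER_KEY = b"example-verifier-key-do-not-reuse"

# Constructed backup set, not real files.
SAMPLE_FILES = {
    "etc/passwd": b"root:x:0:0:root:/root:/bin/bash\n",
    "var/www/index.php": b"<?php echo 'hello'; ?>\n",
}

# The same set with one file silently changed after the backup was taken.
TAMPERED_FILES = dict(SAMPLE_FILES)
TAMPERED_FILES["var/www/index.php"] = b"<?php echo 'hello'; @include('/tmp/.x'); ?>\n"


def file_digests(files):
    """Map each file name to the hex SHA-256 of its contents, in a stable order."""
    return {name: hashlib.sha256(data).hexdigest() for name, data in sorted(files.items())}


def _canonical(digests):
    # Canonical JSON so the MAC covers exactly one byte representation.
    return json.dumps(digests, sort_keys=True, separators=(",", ":")).encode()


def make_manifest(files, key):
    """Record digests at backup time and authenticate the record with the verifier's key."""
    digests = file_digests(files)
    return {"digests": digests, "mac": hmac.new(key, _canonical(digests), hashlib.sha256).hexdigest()}


def verify_before_restore(files, manifest, key):
    """Return (ok, problems). A restore is approved only if the manifest authenticates
    and every recorded file is present and unchanged, with no extra files."""
    expected = hmac.new(key, _canonical(manifest["digests"]), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["mac"]):
        return False, ["manifest MAC does not verify"]
    problems = []
    current = file_digests(files)
    for name, digest in manifest["digests"].items():
        if name not in current:
            problems.append(f"missing: {name}")
        elif current[name] != digest:
            problems.append(f"modified: {name}")
    for name in current:
        if name not in manifest["digests"]:
            problems.append(f"unexpected: {name}")
    return not problems, problems


# Manifest produced when the backup was taken.
MANIFEST = make_manifest(SAMPLE_FILES, VERIFIER_KEY)

if __name__ == "__main__":
    print("pristine:", verify_before_restore(SAMPLE_FILES, MANIFEST, VERIFIER_KEY))
    print("tampered:", verify_before_restore(TAMPERED_FILES, MANIFEST, VERIFIER_KEY))
    # An attacker who rewrites the manifest to match the tampered files still lacks the key.
    forged = make_manifest(TAMPERED_FILES, b"guessed-key")
    print("forged manifest:", verify_before_restore(TAMPERED_FILES, forged, VERIFIER_KEY))
```

The digest check answers Ayrapetov's point (a file that changed since the backup does not get restored unnoticed), and the MAC answers Gault's (the record of what the backup looked like cannot itself be rewritten by whoever tampered with the data). A genuinely independent proof would anchor the manifest with a third party, for example a signed timestamp, rather than a shared key.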