Description:There are a great deal of conversations today regarding APT and critical infrastructure networks for ICS/SCADA, smart grid and service provider networks. The basic persistent threat (BPT) issues are being ignored in many cases. How can the APT be mitigated when the BPT issues have not been resolved? Typically, the technical features and capabilities required to mitigate BPT issues are present in existing hardware and software on the network. Proper attention to information flows, trust relationships, integration and interdependencies are often not secured during a network architecture design and implementation. When the BPT issues are addressed an APT threat will find it more difficult to spread horizontally and vertically throughout a network. In this presentation common network BPT issues that are often discovered during security consulting engagements will be discussed. BPT network architecture mitigations including separation of services for control, management and data traffic as well as securing and monitoring trust relationships and interdependencies will be covered.