The irony is that a lot of APT-type attacks aren't particularly 'advanced' at all. You're not necessarily looking at the sophisticated and financially centered engineering background of the RBN; many attacks targeted at intellectual property and corporate or government data will use the minimum technical level required to perform an attack and exfiltration. This means finding the systems vulnerable to last year's Java exploit, or the employees uneducated enough to click on a phishing message. We all want to be the analyst who discovers the holy grail APT attack, with the super duper new zero-day, but most of us are just going to find the person who didn't patch Adobe Reader, over and over again. Lateral movement can be somewhat more interesting.