Lessons from the SolarWinds Hack: A CISO's Response
The widely publicized SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history. With the campaign's full scale, including all of the tactics, techniques and procedures used by the attackers, still unknown, most enterprises across the regions have been left in a state of shock. What lessons do CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?
The session will cover:
- How the risk framework for supply chain vendors should evolve;
- The risks posed by different kinds of vendors;
- Defining a security-by-design approach when evaluating third-party products.