Panel Discussion: Lessons from the SolarWinds Hack: A CISOs Approach
Speakers:Phoram Mehta, Senior Director, APAC CISO, PayPal, Singapore
Mario Demarillas, CISO and Head of IT Consulting and Software Engineering, Exceture, Philippines
Venkatesh Subramaniam, Global CISO & Privacy Head, Olam International, Singapore
The popular SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history.
The campaign's full scale, including all of the tactics, techniques and procedures being used by attackers remaining unknown, has left most enterprises across the regions in a state of shock.
What are the lessons the CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?
The panel will discuss:
- How should the risk framework of supply chain vendors evolve;
- The risks posed by different kinds of vendors;
- Defining security by design approach while evaluating the third party products.