3rd Party Risk Management , Governance & Risk Management
Lessons from the SolarWinds Hack: A CISOs Approach
CyberEdBoard Executive Member, Mario Demarillas, guest speaks on panel at ISMG SEA Virtual Cybersecurity SummitThe popular SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history.
See Also: Third-Party Privileged Access: Seamless. Efficient. Secure.
The campaign's full scale, including all of the tactics, techniques and procedures being used by attackers remaining unknown, has left most enterprises across the regions in a state of shock.
What are the lessons the CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?
The panel will discuss:
- How should the risk framework of supply chain vendors evolve;
- The risks posed by different kinds of vendors;
- Defining security by design approach while evaluating the third party products.