3rd Party Risk Management , Governance & Risk Management
Lessons from the SolarWinds Hack: A CISOs Approach
CyberEdBoard Executive Member, Mario Demarillas, guest speaks on panel at ISMG SEA Virtual Cybersecurity SummitThe popular SolarWinds hack, the supply chain attack that implanted a backdoor in the Orion network monitoring software pushed to 18,000 of the firm's customers, is considered to be potentially the most significant intrusion in our history.
See Also: Live Webinar | Breaking Down Security Challenges so Your Day Doesn’t Start at 3pm
The campaign's full scale, including all of the tactics, techniques and procedures being used by attackers remaining unknown, has left most enterprises across the regions in a state of shock.
What are the lessons the CISOs need to learn from this attack? Do you have a process to evaluate your vendor's security policies and frameworks?
The panel will discuss:
- How should the risk framework of supply chain vendors evolve;
- The risks posed by different kinds of vendors;
- Defining security by design approach while evaluating the third party products.