Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

12 Lessons Learned From The SolarWinds Breach: RSA Conference

From scrutinizing technology suppliers and code used during the application development process to axing on-premise Active Directory, here are 12 key takeaways from the SolarWinds breach.

Back 1 ... 5   6   7   8   9   ... 13 Next
photoDigital security concept 3d
Digital security concept 3d Getty Images/iStockphoto

Break Infection Chain To Stem Bleeding

The more places defenders break the kill chain or infection chain, the better chance they have of halting attacks like SolarWinds, said John Maddison, Fortinet’s CMO and EVP, Products. It can be hard to reconstruct the entire outbreak cycle even if some details are known, so Maddison urges companies to break down every stage of the kill chain and determine where the attackers can be stopped.

If an organization decides to give a piece of third-party software like SolarWinds Orion privileged access to everything, Maddison said they need to build a lot of security around it and pay close attention to what systems have access to what data. Companies should raise the level of their network monitoring software so that it’s more integrated with the Network Operations Center (NOC), Maddison said.

Ultimately, Maddison said the best defense would be identifying campaigns in the wild using artificial intelligence before they strike by examining reconnaissance on the dark web and relating zero-day exploits to specific threat actors. Hackers typically conduct reconnaissance on a targeted organization’s systems for months before developing a zero-day exploit, according to Maddison.

 
 
Back 1 ... 5   6   7   8   9   ... 13 Next

sponsored resources