Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events Acronis #CyberFit Summit 2021 Avaya Newsroom Experiences That Matter Cisco Partner Summit Digital 2020 Intel Partner Connect 2021

12 Lessons Learned From The SolarWinds Breach: RSA Conference

From scrutinizing technology suppliers and code used during the application development process to axing on-premise Active Directory, here are 12 key takeaways from the SolarWinds breach.

Back 1 ... 6   7   8   9   10   ... 13 Next
photo

Understand Where Sensitive Data Resides

Organizations have a massive blind spot if they’re unable to see what data has been touched by who and when, according to Varonis CMO David Gibson. Companies should start their security journey by determining what within their organization would be most valuable to hackers, which Gibson said is almost always the data.

From there, Gibson said businesses should figure out where their sensitive data resides, who has access to it, how (if at all) the organization would know if someone accessed that data in an unusual manner, and which specific accounts within the company have the most expansive access to that data. Companies should ensure they have a zero trust strategy in place around their most privileged accounts.

If businesses have a compromise anywhere on their network, Gibson said they should be able to see where the adversaries are going to go next. Organization should also monitor the authentication piece to ensure hackers aren’t taking advantage of common weaknesses in Active Directory, and can conduct reconnaissance work using command and control servers and DNS if an account has been compromised.

 
 
Back 1 ... 6   7   8   9   10   ... 13 Next

sponsored resources