
20. SolarWinds and Cyber Security: What CISOs Should Know
Ngarama
Description
<p><span style="font-weight: 400;">You’ve seen bits and pieces of the SolarWinds story in the news, but what actually happened (to the best of our knowledge) and what can CISOs learn from it? On this episode of</span> <em><span style="font-weight: 400;">Cyber Security Inside</span></em><span style="font-weight: 400;">, Tom and Camille invite Dr. Eric Cole, CEO and founder of Secure Anchor Consulting, onto the show to talk about the SolarWinds hack. </span></p> <p> </p> <p><span style="font-weight: 400;">Plus, during Fun Facts:</span></p> <p><span style="font-weight: 400;">• What’s an early sign of Alzheimer’s or dementia?</span></p> <p><span style="font-weight: 400;">• What did people believe would kill you in 1954? </span></p> <p><span style="font-weight: 400;">• Why was a donkey-less game named Donkey Kong?</span></p> <p> </p> <p><span style="font-weight: 400;">Tune in to find out. This is one you can’t miss!</span></p> <p> </p> <p><strong>Here are some key take-aways:</strong></p> <p><span style="font-weight: 400;">• Large-scale data breaches all share one commonality: a lack of awareness about unprotected data.</span></p> <p><span style="font-weight: 400;">• When it comes to asset inventory and patching configuration management, automation is key. Businesses can’t rely solely on humans to get the job done. There’s technology available that can recognize when a new asset appears, so businesses only have to respond when there’s a problem. They don’t have to be looking 24/7. </span></p> <p><span style="font-weight: 400;">• The SolarWinds attack was a two component attack. First was the attack against SolarWinds to modify their source code for their Orion product. Second, was the distribution of a malicious update to all of their clients (which then created a back door).</span></p> <p><span style="font-weight: 400;">• Unlike attacks in the past where a specific company is targeted, with the SolarWinds attack, it’s more likely that a list of companies was compiled. From there, the hackers looked for common
Uploader
Episodes
20. SolarWinds and Cyber Security: What CISOs Should Know
Ngarama