Supply chain attacks have sprung to attention in recent years with a number of high-profile and extremely disruptive attacks on the technology companies SolarWinds and Kaseya.
With software from these companies used by thousands of other organisations, the impact of these breaches was felt around the world.
In this webinar we discuss:
- What is a supply chain attack
- Types of supply chain attack
- Defending against a supply chain attack
- How Managed Detection & Response can help
A supply chain attack is a unique form of cyberattack in which an organisation is targeted indirectly via a less secure supply chain partner.
As supply chain attacks are becoming more common, organisations are actively seeking to push cybersecurity compliance out through their supply chains to mitigate the risk of a potential breach.
Understanding the nature of supply chain attacks will allow you to assess the potential risk to your organisation and take appropriate steps to manage any identified risks.
In this video, our speaker is Yasa, a cybersecurity expert from Sophos. He introduces himself as a cybersecurity consultant with experience in architecting and building scalable networks and security systems for enterprise businesses.
Yasa provides an overview of Sophos, stating that the company has been around for nearly 30 years, with headquarters in Oxford, UK. He mentions having over 100 million users across 150 countries, emphasizing the importance of sharing information with customers and partners to enhance security.
The speaker discusses the three principal guidelines followed by Sophos: predictiveness, adaptiveness, and the need for solutions to communicate with each other. He emphasizes the importance of visibility across the entire security estate, moving away from the traditional approach of using different products from different vendors.
Yasa presents a chart from Verizon’s data breach report, revealing that the time taken to detect attacks has decreased over the years. However, he highlights the shift in the threat landscape towards ransomware, which is detected faster due to its immediate impact and quick returns for attackers.
He advises organizations to align themselves with a cybersecurity framework, specifically mentioning the NIST Cybersecurity Framework’s three pillars: protection, detection, and response. Yasa explains that while many organizations invest in protection, they often lack maturity in detection and response, posing a challenge, especially for small-sized enterprises.
The speaker provides insights into the typical stages of a cyber attack, including infiltration, reporting of success, spreading within the environment, and the objectives of stealing information or deploying ransomware. He also introduces the concept of a supply chain attack, which targets trusted third-party suppliers rather than the organization directly.
Yasa discusses different types of supply chain attacks, such as phishing, software update attacks, and poisoned packages. He mentions the SolarWinds supply chain attack, the Microsoft Exchange zero-day attack, and the Kaseya attack as recent examples. The SolarWinds case study is explored in detail, highlighting the long period of undetected access and the significant impact on numerous high-profile customers.
The speaker acknowledges the fragmented nature of the cybersecurity industry, with numerous vendors and startups emerging and disappearing, making integration and innovation challenging.
To address supply chain attacks, Yasa recommends monitoring for early signs of compromise, conducting audits of the supply chain, assessing the security posture of suppliers, and regularly reviewing one’s own cybersecurity hygiene. He emphasizes the need to shift from a reactive to proactive approach, assuming constant compromise and actively detecting and responding to threats.
Yasa explains how Sophos can assist in reducing cybersecurity risk, enhancing visibility, and increasing the return on IT investment. He highlights the Adaptive Cybersecurity Ecosystem, where Sophos products communicate with each other to provide comprehensive protection. Additionally, he mentions technologies like artificial intelligence and APIs that enable automation and augment security operations.
The speaker introduces managed detection and response services, offering 24/7 support from a team of experts. He emphasizes their proactive approach in containing and neutralizing threats, providing advice to improve security posture, and allowing clients to customize their collaboration level with the team based on trust.
Ben is a highly experienced technology and business professional with over 25 years’ experience in the field. Prior to founding Grassroots IT in 2005, he served in various roles including Systems Administration, Software Development, Solutions Architecture and IT Management. With his deep understanding of technology and proven business know-how, Ben is a respected and insightful leader.
In addition to serving as Grassroots IT’s Managing Director, Ben is an ultra-marathon runner, coaches and mentors entrepreneurs across a range of industries and serves on the board of Entrepreneurs Organization.