I hope you all had a wonderful and relaxing holiday weekend. It’s been a difficult year, to say the least, and I think we all deserved a short break from the stress of work and worry.
Unfortunately, cyber attackers are still working full-time to compromise and degrade our vital information technology systems. Despite the holiday, most of my friends and colleagues are still talking about the SolarWinds hack.
Let’s face facts: It was huge. It was a game-changer. All but 50 of the Fortune 500 companies were hit. The list of targets included the top 10 U.S. telecommunications companies, the top five accounting firms, all of the U.S. military service branches, and the U.S. departments of State, Treasury, Commerce and Homeland Security.
Clearly, this hack was well-planned and carefully orchestrated. As IT practitioners, what can we do? How do we prepare for the next round of attacks?
My good friend Snehal Antani, CEO & Co-founder of Horizon3.ai, has developed a practical three-step method and he shared it with us in a call last week:
- Assess – Stifle exploitation; continuously assess and mitigate verified attack paths.
- Detect – Identify ineffective security tools, processes, policies and training to accelerate detection time.
- Respond -- Accelerate breach response: Rapid “initial damage assessments” to complement forensics.
I’ve worked with Snehal for many years, and I have high confidence in his analysis of the challenge we’re all facing. We’ll be sharing more about his firm’s innovative three-step approach in future newsletters and reports.
Meantime, we need to remember that our organizations and our customers are counting on us to safeguard their data and to protect them from cyber attackers. We cannot sidestep that responsibility.
As I wrote in last week’s newsletter, we need a far better system for pooling information about cyber risk. We need to share our collective wisdom and implement practical strategies for mitigating risk. We need to elevate our peer-to-peer networks and transform them into efficient engines for real-time collaboration and continuous improvement.
From my perspective, I believe we need a concerted industry-wide effort to mitigate the risks of state-sponsored cybercrimes such as the SolarWinds hack. And that’s just the starting point. We also need to make certain that our educational systems are producing the talent required to defend and protect our essential IT and OT systems.
My concern, of course, is that the next wave of attacks will focus on our power grids, water treatment systems, public safety organizations and healthcare systems. That’s why we need to prepare now and resist the urge to wait until another attack reminds us of how truly vulnerable we really are.