All Articles

(Panel Discussion) How To Respond To A Supply Chain Attack?

Posted by pritha on August 18, 2021 at 7:52pm in Blog

Supply chain attacks have become a growing trend in the security world. Attackers are exploiting the trust users have in acclaimed software companies to implant malware into systems. It often results in mass-scale outreach attacks and goes undetected for long periods of time. This talk will uncover the current trends, unique insights from industry experts, understand how to build a reference architecture stack and the regulatory requirements.  

Contributors

  • Anthony Ng, VP Systems Engineering, APAC
  • Bikash Barai, Co-founder CISO Platform & FireCompass,
  • Agnidipta Sarkar CISO Biocon,
  • Rejo Thomas CISO Exide Life Insurance,
  • Prasenjit Das CISO TCS,
  • Sudarshan Singh CISO Capgemini
  • A V S Prabhakar Chief Risk & Compliant Officer Zeta

 

Key Points Of Discussion:

  • Current Trends
  • Unique insight from the trenches and industry expert
  • Responding and recovering techniques
  • Building a reference architecture stack
  • What are the asks from regulators

 

(Panel Discussion) Recorded

 

 

Discussion Highlights

  • Current Trends
  • Unique insight from the trenches and industry expert
  • Responding and recovering techniques
  • Building a reference architecture stack
  • Have complete visibility on your supply chain ( inventory, criticality, dependencies )
  • Reduce the attack surface ( narrow the supply chain)
  • Integrate with your own enterprise risk mgmt. framework
  • Integrate (to the level feasible) with Enterprise IT security architecture (IAM , SOC, Encryption etc)
  • Execute due diligence on your supplier ( enhance the assessment from survey based questionnaire to  3rd part audit report , PT , external cybersecurity benchmarking scorecard  etc)
  • Ensure segregation in case of Supplier being multi-tenant
  • In case of cyber event , isolate /quarantine your company quickly  ( know the  “kill Switch”)
  • Have capability to scan and assess IOC/IOA in your network  ( very relevant for Ransomware)
  • Keep communication  template ready for your stakeholders ( Mgmt , Operations, IT , Customers, Regulators)

P.S. Discussion Summary was contributed by Sudarshan Singh (CISO, Capgemini)

 

 

(Fireside Chat) Recorded

Views: 178
E-mail me when people leave their comments –
Follow
Posted by pritha

CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

RSAC Meetup Banner

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)