Leveraging the CAIQ to Prepare for the Next Supply Chain Attack
Demi Ben-Ari, Co-Founder and CTO, and Dov Goldman, Director of Risk & Compliance, Panorays
About this talk
Not much time has passed since the last supply chain cyberattacks: SolarWinds, Accellion, Codecov, and now Kaseya. Do you think Kaseya will be the last one? We don’t. While you’re probably wondering what can be done to predict or prevent an incident like this in the future, we think the better question is: What can you do to prepare for the next one?
The CAIQ (Consensus Assessment Initiative Questionnaire) created by the CSA (Cloud Security Alliance) covers all of the possible security controls (CCM - Cloud Controls Matrix) that a company can have as a SaaS provider. By mapping all of the possible mitigation options, companies can reduce the risk of using these cloud and SaaS providers.
In this webinar, we’ll discuss the usage of the CAIQ to be able to better prepare your organization for the next supply chain attack that happens—and it will. We’ll also provide some actionable steps you can take to respond to it when it happens and to mitigate compromising your data and your customers' data.
Participants will learn:
1. What actually happened in the recent Kaseya breach and how it compares to SolarWinds and the rest of the latest supply chain breaches
2. How to map your supply chain and know who your third parties are, as well as understand their possible impact
3. How to monitor the digital supply chain and your third parties’ cyber posture
4. How to conduct proper security risk management and remediation
5. How the CAIQ fits in this whole picture and how you can leverage it to be better prepared
We’ll share our experience and expertise as security practitioners who have implemented our own mitigation strategies and helped our clients understand the impact of third-party security incidents.
CSA CloudBytes was launched as a webinar series to help us educate the industry on all matters related to the cloud. Our channel is designed to inform our audience about trending topics, new technologies, and latest research. Learn more at cloudsecurityalliance.org. Join the Cloud Security Alliance on LinkedIn and follow us on twitter: @cloudsa…