The SolarWinds hack and the response to it are creating new cyber security science and awareness of survivorship bias. Since Dec 13th, 2020, DHS/CISA has issued elaborate, regularly updated guidance to all government agencies and private sector organizations on how to respond to, contain, recover from and mitigate the unprecedented and immeasurable insider data breach risk posed by the Russian Intelligence APT29 group. To address newly discovered stealth operations and privileged identity exploits, MITRE has also concluded that new techniques need to be defined and added to its popular ATT&CK framework. We will review key CISA guidance to both Organizational Leaders and SOC teams, sharing new best practices and suggested new ATT&CK techniques for threat hunters, compliance groups and DFIR practitioners.
About Valentin Bercovici:
Val is founder and CEO at Chainkit, democratizing trust throughout digital transformation. Previously, Val was co-founder, now senior advisor, at Peritus.ai, focused on AIOps via machine learning. A Cloud, Big Data & DevOps pioneer, Val was a founding member of the governing board at the Cloud Native Computing Foundation (CNCF), the Linux Foundation’s home for Google’s Kubernetes, and most popular open source project. Val has enjoyed a long leadership career. Previously, at NetApp/SolidFire, he launched multibillion-dollar storage and compliance products, created the competitive team and strategy, directed new research investments for the NetApp Data Fabric roadmap, and served as SolidFire’s CTO. A pioneer in the cloud industry, Val led the creation of NetApp’s cloud strategy and introduced the first international cloud standard to the marketplace as CDMI (ISO INCITS 17826) in 2012. Val advises numerous data-driven start-ups and is passionate about improving diversity within the tech industry. He has several patents issued and pending around data centre applications of augmented reality and data authenticity.