Watching the Watchers: What Happens When Your Security Provider Compromises Your Network?

Executive Boardroom - 11:45 am - 12:10 pm

The 2017 M.E. Docs cyberattack that crippled hundreds of companies crafted blueprints for hijacking a vendor by targeting and attacking clients through trusted vendor partners. These events herald a new generation of supply chain-based attacks that pit vendor and client against each other as they struggle to navigate co-managed risk mitigation and the resulting consumer, regulatory and legal backlash. 

In 2018, eSentire detected and mitigated an exploit that targeted a key remote administration tool relied upon by a multitude of managed security service firms. This exploit was used to deliver a dangerous payload to their client base. In this talk, Mark Sangster will provide frameworks for assessing your vendors' cyber resilience and discuss building a trusted supply chain through co-managed cybersecurity programs, open communication and event notification, and proactive contractual obligations.

Learning Objectives:

1. Understand how to navigate co-managed risk mitigation when working with a vendor.
2. Build and utilize a framework to assess your vendors' cyber resilience.
3. Understand the indicators of compromise and detection mechanisms needed to proactively detect and mitigate exploits that target vendors.
4. Explore the real-time forensics data and disruption capabilities of Endpoint security through real-world attacks.