Tim Brown, CISO of SolarWinds, on Sunburst

No se pudo agregar al carrito

Solo puedes tener X títulos en el carrito para realizar el pago.

Add to Cart failed.

Por favor prueba de nuevo más tarde

Error al Agregar a Lista de Deseos.

Por favor prueba de nuevo más tarde

Error al eliminar de la lista de deseos.

Por favor prueba de nuevo más tarde

Error al añadir a tu biblioteca

Por favor intenta de nuevo

Error al seguir el podcast

Intenta nuevamente

Error al dejar de seguir el podcast

Intenta nuevamente

Tim Brown, CISO of SolarWinds, on Sunburst

Escúchala gratis

Ver detalles del espectáculo

In this week's episode Dr. Crane talks to Tim Brown, the CISO of SolarWinds about the Sunburst malware intrusion, how it affected him and his company, the changes he made, and how Tim stayed on as CISO after the intrusion.

SolarWinds shot to national prominence due to the Sunburst malware intrusion, first discovered by FireEye in 2020.

This incident resulted in the first stand-up of a cyber unified coordination group, with the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Office of the Director of National Intelligence, to coordinate a whole of government response to this incident.

The Atlantic council said that Sunburst was a significant moment for cloud computing security and the attack raised concerns about the existing threat model that major cloud service providers use. Now imagine being the cybersecurity leader at the organization identified in this intrusion that affected thousands of customers.

That was the situation Tim found himself in, in late 2020. He joins me here today to share his experience and wisdom in dealing with one of the most significant cybersecurity incidents in recent memory.

In this episode:

00:00 — Highlight Clip

02:07 — Introductions

02:54 — Sunburst Incident Overview

05:55 — Difficulties Of Handling An Incident During The Holidays

07:05 — How Tim Stayed As CISO

09:06 — Pivoting From Internal To External Facing CISO

11:16 — Organization Reporting Obligations

12:58 — Finding Help For A Large Incident

14:16 — Reaching Out To National Defenders

15:56 — Cooperating With CISA For Messaging

16:47 — Lessons And Improvements Going Forward

18:58 — Validating A Digital Supply Chain

20:55 — Assume Breach Before And After

21:24 — Sign Off

Tim Brown:

Orange Matter — https://orangematter.solarwinds.com/author/tim-brown/

LinkedIn — https://www.linkedin.com/in/tim-brown-93639a1/

Links in this episode:

SolarWinds RSA Presentation — https://www.youtube.com/watch?v=7DHb1gzF5o4

Thanks To Our Sponsors:

Heinz College CISO Certificate — https://www.heinz.cmu.edu/programs/executive-education/chief-information-security-officer-certificate

CISOWise vCISO — https://www.cisowise.com/

Heinz College:

https://www.facebook.com/heinzcollege

https://www.linkedin.com/school/carnegie-mellon-university---h.-john-heinz-iii-college/

Carnegie Mellon:

https://www.linkedin.com/school/carnegie-mellon-university

https://www.facebook.com/carnegiemellonu

Follow CISOWise on all podcast apps.

Website — https://www.cisowise.com/podcast

Show Notes & Transcript — https://www.cisowise.com/podcast/001-tim-brown-on-sunburst

Todavía no hay opiniones