Blue Mantis recently held its inaugural cybersecurity symposium at Gillette Stadium in Foxborough, MA, with the backdrop of the New England Patriots’ six championship banners. The event focused on the importance of strong cyber defense in minimizing the impact of cyberattacks and the devastating losses that can occur with weak defenses.

The symposium, titled “Unveiling the Anatomy of a Cyber Breach: A Beneath-the-Surface Exploration of the Harsh Realities,” shifted the focus from preventing cyberattacks to best practices for responding to breaches. A panel of security experts discussed a real-life cyber breach, highlighting the victim’s response and lessons learned.

According to Jay Pasteris, CISO and CIO at Blue Mantis, the cyber breach discussed during the symposium revealed simple security measures that were not implemented. Passwords were not required to change from the initial password, there was no multifactor authentication (MFA) requirement, and the extended detection and response (XDR) on the compromised device was not configured properly. This allowed a hacker to breach the system and shut down the entire organization with a ransomware package.

Kevin Powers, founder of the Master of Science in Cybersecurity Policy and Governance Programs at Boston College, emphasized the importance of being prepared for cyber breaches. Organizations need to have a comprehensive playbook that covers all possible scenarios, similar to incident planning in football. Having a clear incident response plan in place can prevent scrambling to devise a plan after an attack occurs.

In the event of a cyber breach, knowing your assets and understanding how they are protected is crucial, as highlighted by Pasteris. Additionally, organizations need to consider cyber insurance as part of their plan and ensure they understand what it covers to avoid any surprises during a crisis.

One key question that organizations face after a ransomware attack is whether to pay the ransom. Joe Bonavolonta, a former FBI agent, advised against paying the ransom, as it can lead to further extortion and data breaches. Building a relationship with the FBI before a crisis occurs can be beneficial, as the agency can provide valuable intel and decryption keys to mitigate the threat.

Scott Lashway, a cybersecurity expert, emphasized the need to be proactive in cybersecurity planning and not using the inevitability of a breach as an excuse for lack of preparedness. Being prepared for any scenario, just like the Patriots in Super Bowl XLIX, can make the difference between triumph and defeat.

Overall, the cybersecurity symposium highlighted the importance of strong cyber defense, incident planning, and proactive measures to mitigate the impact of cyber breaches. By learning from past breaches and implementing best practices, organizations can better protect themselves in an increasingly digital world.

Source link