Summer Myatt
On Tuesday, ExecutiveBiz Events hosted its Supply Chain Cybersecurity: Revelations and Innovations forum to provide esteemed cybersecurity leaders with a platform to investigate the causes, consequences and lessons learned from the 2020 SolarWinds cyber attack as well as share industry best practices for securing organizations against future threats as the global supply chain crisis continues to affect public and private sector operations.
Following keynote addresses delivered by Attivo Networks’ Tony Cole as well as Jeff Jorge and Leo Alvarez of Baker Tilly, Ronald Bushar took to the virtual stage as the event’s closing keynote speaker.
Ronald Bushar, senior vice president and global government chief technology officer at Mandiant, delivered a keynote address that shed light on adversarial motivations and provided a different operational perspective on how supply chain risk management intersects with overall network risk reduction and cyber attack prevention.
If you missed this timely event, please visit the ExecutiveBiz Events page to watch the full Supply Chain Cybersecurity: Revelations and Innovations forum and other GovCon events on-demand.
To begin, Bushar gave the virtual audience a look at the primary motivations, strategies and focus points that influenced the nation’s cyber adversaries in last year’s SolarWinds attack and which continue to drive the execution of targeted, disruptive cyber breaches today.
“The real takeaway throughout this whole process, as we investigated the entire attack and its propagation, was the extraordinary breadth of access that was used to really only get to a very small number of eventual, targeted victims,” he commented.
Bushar said of the 18,000 SolarWinds customers who were affected, the adversary delivering the attack was only interested in less than 50 endpoint targets for long-term access and collection purposes.
Despite this small number of end targets, however, the historic breach had a much more widespread impact on the industry and served as a glaring example of the nation’s cybersecurity flaws and vulnerabilities.
Moving forward, Bushar said, the focus should be not on prediction or recovery but on creating a durable infrastructure that will be capable of withstanding many different kinds of attacks while securing a broad range of critical data.
“If you can’t ascertain or predict where the next vulnerability is going to be, or where that next supply chain implant will come from, you have to build a resilient system inside of your organization that has the ability to carefully monitor your critical assets, your crown jewels, within the environment,” he stated.
As organizations move from castle-like protection to more museum-like security models, Bushar said zero trust principles can help guide the development of specifically designed cybersecurity infrastructures that correlate with individual risk.
“This is an evolving discussion, and I’m seeing an acceleration of this thought process of moving to zero trust,” Bushar said of the next step in cybersecurity.
To hear Ronald Bushar’s full keynote address detailing zero trust architecture implementation and benefits, visit ExecutiveBiz.com to watch Supply Chain Cybersecurity: Revelations and Innovations now.
The next event hosted by ExecutiveBiz will be the platform’s Dual-Use Technology in Space Defense Forum on November 9th, which will bring distinguished federal and industry leaders to discuss how critical space defense agencies such as the U.S. Space Force can leverage advanced dual-use technologies to retain a competitive advantage over U.S. adversaries as the space domain continues to grow.
William Nelson, director of the U.S. Army’s Assured Position, Navigation and Timing Cross Functional Team, will deliver a keynote speech to share strategies, priorities and concerns as he continues to integrate dual-use technology in an effort to synchronize space capability development across military branches.
Visit ExecutiveBiz.com to register for the platform’s Dual-Use Technology in Space Defense Forum on November 9th.
