Presenter: Stephen Head, CISSP, CISM, CISA, CDPSE Regional Practice Director - Risk & Compliance Jefferson Wells
In December 2020, the Cybersecurity and Infrastructure Security Agency (CISA) of the U.S. federal government issued an emergency directive to disconnect or power down SolarWinds Orion products after it was discovered malicious actors were exploiting the software. The implications of this announcement were immense, as SolarWinds is a security vendor that helps monitor the IT networks of every branch of the U.S. military, four-fifths of the Fortune 500, and numerous other organizations. The full impact of this compromise is still being investigated, and the CISA expects that cleansing the compromised environments will be highly complex and challenging for organizations.
Organizations depend on third-party commercial software not only for securing their networks, but also for managing and storing customer data, financial accounting and reporting, and fulfillment of core business processes. Managing the cyber aspects of these software supply chains is an area of critical concern. Join us as we discuss the impact of the SolarWinds compromise within the larger context of software supply chain vulnerabilities.
This webinar will examine the following key areas: • Background information on how the attack was conducted • Control weaknesses allowing the attack to be so successful • How this risk goes beyond SolarWinds to include thousands of software products • Warning signs an organization may be at significant risk of compromise • 10 steps an organization should take right now
Regardless of your industry, this session will provide practical advice on how to protect your systems and data from these types of attacks, and alert you to actions your organization can take now to avoid becoming the next victim.
Stephen has broad-based experience in cyber risk, regulatory compliance, IT governance and aligning controls with multiple standards and frameworks. He is the author of the internationally recognized Internal Auditing Manual and Practical IT Auditing, both published by Thomson Reuters, and has served as International Chair of ISACA's Standards Board. Stephen is a CPA, CISSP, CISM, CDPSE, CMA, CFE, CISA, CGEIT, CRISC, CBCP, MCSE, CHP, CHSS, CITP, CGMA, CPCU, and holds an MBA from Wake Forest University.
ManpowerGroup® (NYSE: MAN), the leading global workforce solutions company, helps organizations transform in a fast-changing world of work by sourcing, assessing, developing and managing the talent that enables them to win. We develop innovative solutions for hundreds of thousands of organizations every year, providing them with skilled talent while finding meaningful, sustainable employment for millions of people across a wide range of industries and skills. Our expert family of brands – Manpower, Experis, Talent Solutions, and Jefferson Wells – creates substantially more value for candidates and clients across more than 75 countries and territories and has done so for over 70 years. See how ManpowerGroup is powering the future of work, visit www.manpowergroup.us
The content and opinions represented here should not be relied upon or construed as legal, financial and/or medical advice.
The law is changing literally every single day and can vary from state to state and even city to city. Please consult with your own Legal, HR and Finance resources and consider state and local law variations before making any policy or procedure changes.