Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Samsung data breach - Integrity360 comment

November 2023 by Brian Martin Head of Product Development, Innovation and Strategy at Integrity360

As Samsung becomes the latest data breach victim, Brian Martin Head of Product Development, Innovation and Strategy at Integrity360comment :

"There are two things that jump out from the Samsung breach. Firstly, the supply chain is increasingly a massive attack surface for organisations and is a type of exposure that needs to be actively managed with the same enthusiasm and energy as managing vulnerabilities. In fact, organisations need to consider active and continuous threat exposure management to include in scope all the key exposures they have. If they want to mitigate the risk of compromise, this should cover vulnerabilities, supply chain, external attack surface, misconfigurations, leaked credentials, and beyond.

"The second big takeaway is the enormous dwell time before discovery, which highlights the need for threat detection and response that doesn’t just rely on alerts from EDR/XDR platforms. To detect the stealthy activities of malicious actors within your environment, wider range detection and response capabilities, up to and including proactive human-led threat hunting, is key.

"A good starting point for organisations is to conduct an in-depth compromise assessment to uncover the tracks of a compromise that may already be in your environment without you knowing. If you get a clean bill of health then you can go on to review what’s in place in terms of exposure management and threat detection to then raise it to best-practice levels proven to significantly reduce the risk of compromise."


See previous articles

    

See next articles













Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts