Teaser - Tim Brown - SolarWinds CISO

https://is1-ssl.mzstatic.com/image/thumb/Podcasts116/v4/68/1a/c3/681ac30c-0656-bc73-6b0a-9ddacd82675e/mza_1050242407832124273.jpg/600x600bb.jpg

CISOWise

11 episodes

4 days ago

We are asking CISOs and other cyber security leaders a simple question: What works and what doesn’t? A podcast of pragmatic advice from experienced CISOs and expert cybersecurity professionals of what works... and what doesn't. The cybersecurity field is old enough now that we have some experienced hands - especially those that have done the same thing more than once, at different companies. Now we are looking to share their insights and hard-fought lessons leading the cyber defense program to which they are entrusted. This is a podcast by CISOs for CISOs and aspiring CISOs.

Careers

Business

RSS

All content for CISOWise is the property of CISOWise and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

Careers

Business

https://d3t3ozftmdmh3i.cloudfront.net/production/podcast_uploaded_nologo400/18616140/18616140-1641330563680-9243e309c000b.jpg

Teaser - Tim Brown - SolarWinds CISO

CISOWise

6 minutes 50 seconds

3 years ago

Teaser - Tim Brown - SolarWinds CISO

In this teaser episode Dr Earl Crane talks to Tim Brown, CISO of SolarWinds about the recent Sunburst malware intrusion and the security-by-design philosophy.

SolarWinds, shot to national prominence due to the Sunburst malware intrusion. It resulted in a coordinated whole of government response to this significant cybersecurity incident.

As stated by CISA, an advanced persistent threat actor was responsible for compromising the SolarWinds Orion supply chain as well as widespread abuse of commonly used authentication mechanisms. Throughout the attack, the Sunburst intruders maintained significantly high levels of operational security to avoid discovery. The Sunburst malware landed in its prospective targets and waited patiently for two weeks before initiating any activity.

Now imagine being the cybersecurity leader at the organization identified by name in this intrusion that affected thousands of customers. That was the situation Tim found himself in, in late 2020. He joins me here today to share his experience and wisdom in dealing with one of the most significant cybersecurity incidents in recent memory.