ADCG on Privacy & Cybersecurity

98 | The Importance of Digital Asset Inventories in Incident Response

Aug 30, 2023

Ken Westin, a seasoned Field CISO at Panther Labs with over 15 years in cybersecurity, brings invaluable insights into the importance of digital asset inventories. He emphasizes how the lack of these inventories hampers effective incident response, especially following incidents like the MOVEit breach. Ken discusses navigating vulnerabilities in cloud environments, the rise of ransomware, and the need for better asset management. He advocates for collaboration between security and privacy teams to enhance protective measures in an increasingly complex cyber landscape.

29:09

Creator website

Episode guests

Ken Westin

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

The MOVEit breach underscored the urgent necessity for organizations to maintain comprehensive digital asset inventories to ensure effective incident response.

Organizations must shift their focus towards monitoring applications and fostering inter-departmental collaboration to enhance their overall cybersecurity posture.

Deep dives

Understanding the MOVEit Breach

MOVEit is an enterprise application crucial for managing secure file transfers among organizations, including various sectors such as Fortune 500 companies, healthcare, and government agencies. The recent breach involved a software supply chain attack where vulnerabilities allowed cybercriminals to exploit the application across multiple organizations. This particular incident was orchestrated by the CLOP group, which transitioned from ransomware to data exfiltration and extortion tactics, raising concerns about potential collusion with Russian authorities. Given the widespread usage of MOVEit, the breach has had significant repercussions, as many organizations were unaware of its presence in their systems or lacked the necessary visibility and logging to identify potential breaches.

Intro

2min

Navigating Cyber Vulnerabilities: Lessons from the Move It Breach

21min

Navigating Asset Management in the Age of Ransomware

2min

Navigating Cybersecurity: The Role of Asset Inventories and Collaboration

3min

Staying Vigilant: Cyber Threats and Collaborative Resilience

2min

This episode of the ADCG Privacy and Cybersecurity Podcast features Ken Westin, Field CISO for Panther Labs. Ken has been in the cybersecurity field for over 15 years, working with companies to improve their security posture through threat hunting, insider threat programs, and vulnerability research. We discuss how the lack of good application and data inventories impact incident response. When data is spread across data centers, clouds, and SaaS providers, it becomes difficult to track and trace an incident and understand its impact, but it becomes especially hard if the data involves confidential or proprietary business data that is not tracked by privacy officers or if it includes sensitive data that may involve regulators. The recent MOVEit breach, which involved software used to transfer sensitive data between servers, systems, and applications, provided rich lessons in the need for data asset inventories and SIEMs that can correlate data across providers and platforms.

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

ADCG on Privacy & Cybersecurity

98 | The Importance of Digital Asset Inventories in Incident Response

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding the MOVEit Breach

Challenges in Incident Response

The Importance of Asset Inventory

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

ADCG on Privacy & Cybersecurity

98 | The Importance of Digital Asset Inventories in Incident Response

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Understanding the MOVEit Breach

Challenges in Incident Response

The Importance of Asset Inventory

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights