The Achilles Systems Hack Assessment Series: Revisiting Enterprise Controls - Part 2 of 4 for Operational Leadership



Achilles Systems, a fictitious IT service provider to human resources teams in medium and large businesses, has fallen victim to an attack in which sensitive customer data and, potentially, customer networks, have been compromised. Achilles has a small security team who has historically focused on basic controls and compliance. However, it seems clear this attack was the work of a sophisticated adversary capable of circumventing the controls in place.

 

Much of Achilles' security has not been maintained since an initial push many years ago, and newer controls were bypassed or disabled by the attacker. Some examples of these are multi-factor authentication, which the attacker bypassed in part by impersonating a Achilles executive in a call to the Service Desk. Later in the intrusion, the attacker disabled Achilles' endpoint detection and response agents while moving through the internal network. Once the attacker achieved access, they quickly moved to systems containing sensitive data and parts of the network where direct customer access was possible.

 

As Achilles works to recover from the attack and regain customer trust, it seeks to invest in a more advanced defense able to withstand a more capable and determined attacker. Achilles management is committed to revisiting its security controls, devising better ways to proactively identify and remediate vulnerabilities, and investing in ongoing efforts to identify and respond to attacks before the damage is done.

 

Part 2 of 4

In this webcast, we will review the attack at Achilles Systems, their previous security capabilities, and why their existing controls were insufficient to help them resist the attack. Then we will dive deep into what could have been done to better tailor and augment those controls to reduce or eliminate the impacts from the attack. Finally, we will talk about what should be done in the wake of the attack to build a more lasting and effective catalog of security controls. We will dive into topics such as:

  • What are the CIS Critical Security Controls
  • How Achilles should have prioritized and implemented the controls
  • A better approach for selecting, implementing, managing, and monitoring controls to mitigate future attacks

This webcast supports concepts from LDR551: Building and Leading Security Operations Centers.


Register for all parts in the series:

Part 2: Revisiting Enterprise Controls

Part 3: Getting Strategic with Vulnerability Management

Part 4: Cyber42 Game Day: Defending Achilles Systems – COMING SOON

Speaker and Presenter Information

Brian Ventura

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:


Event Type
Webcast


When
Wed, May 8, 2024, 1:00pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results