A Briefing on the SolarWinds Threat
Palo Alto Networks Unit 42 Threat Intelligence and Global Strategy & Policy teams will provide a briefing on SolarWinds. They will cover the campaign's scope, timeline, impact, lessons learned, and policy implications in the wake of the most damaging supply chain attack in recent memory. This briefing will strictly focus on their knowledge of the SolarWinds hack and the threat it poses for government organizations at every level. The briefing will last 60 minutes to include time for a moderator-led discussion and Q&A with the audience.
· Ryan Gillis – Vice President, Cybersecurity Strategy & Global Policy, Palo Alto Networks
· Ryan Olson - Vice President, Unit 42 Threat Intelligence, Palo Alto Networks
Scope: How far-reaching is the breach? Do we have a firm understanding of the full extent of the breach and the total number of government entities impacted?
Timeline: When was the breach first discovered and by which entities? Was anyone successful in preventing this attack and how? Is there a meaningful delta between discovery and reporting timeline?
Impact: Were gov agencies impacted at all? What is the status of systems that were breached? How do we know - and when will we know - that these systems can be trusted again?
Value: What types of information were breached and how can it be used against the gov agencies?
Methodology: How was the third-party software exploited? Is there anything unique about the method(s) of intrusion?
Trust: How can the government trust third party software going forward?
Lessons Learned & Policy Implications: What have we learned from this breach and what can Federal, State and Local organizations do to work with industry to ensure something like this doesn't happen again, or how do we significantly lessen the chances of this happening again?