Heightened cyber threats have everyone on edge, what do you need to know? - Lacework
About Us Leadership Investors Careers
Contact
US Data Center Frankfurt Data Center
English
Français
Deutsch
  • PLATEFORME
  • PLATEFORME
  • SOLUTIONS
  • SOLUTIONS
  • CLIENTS
  • CLIENTS
  • PARTENAIRES
  • PARTENAIRES
  • RESSOURCES
  • RESSOURCES
COMMENCER
About Us Leadership Investors Careers
Contact
US Data Center Frankfurt Data Center
English
Français
Deutsch
PLATEFORME
CAPACITÉS
ENVIRONNEMENTS
Technologie
Retour
Plateforme de données Polygraph®
Protection basée sur les données, de la création du code au cloud, le tout dans une seule plateforme.
CNAPP Plateforme de protection des applications cloud-nativeSécurisation de l'ensemble du cycle de vie des applications IaC Sécurité de l'infrastructure en tant que code Correction des erreurs de configuration le plus tôt possible K8s Kubernetes Security Identification des risques et des menaces qui pèsent sur vos clusters K8s Container Security Visibilité sur l'activité des hôtes et des containers
CSPM Gestion de la posture de sécurité du cloud Évaluation des risques et optimisation de votre posture de sécurité du cloud CWPP Plateforme de protection des cloud workloads Surveillance permanente des menaces pesant sur les workloads Gestion des vulnérabilités Identification et correction des vulnérabilités, de la conception à l'exécution Cloud Compliance Rationalisez les audits et conformez-vous aux normes du secteur
Retour
Amazon Web Services (AWS) Simplification de la sécurité pour Amazon Web Services Google Cloud Automatisation de la sécurité pour Google Cloud
Microsoft Azure Sécurisation des applications Microsoft Azure en continu Multicloud Protection des environnements multi-cloud et hybrides
Retour
Ingestion de données Obtenez une vue plus complète grâce à une approche avec et sans agent Intégrations Optimisez votre productivité grâce à une intégration avec vos workflows existants
Polygraph® : moteur d'analyse comportementale Identification et reconnaissance automatiques des comportements habituels grâce à notre technologie brevetée de machine learning
COMMENCER
SOLUTIONS
Secteur et taille
Rôle d'utilisateur
Retour
HealthTech Protection des données de santé et preuve de conformité HIPAA Gaming Sécurisation des données des joueurs tout en optimisant le développement des jeux
FinTech Prévention de la cybercriminalité grâce à des transactions financières sécurisées Sécurité du cloud pour les startups Automatisation des processus pour stimuler la croissance des petites entreprises
Retour
Sécurité Identification des problèmes liés au cloud, avec des informations contextuelles détaillées permettant d'agir rapidement
Développeur Développement plus rapide en intégrant la sécurité en continu et en bénéficiant d'une visibilité complète
COMMENCER
CLIENTS

Nos clients

Les entreprises les plus innovantes au monde font confiance à Lacework.

Explorer les success-stories
Réussite client
  • Études de cas
  • Formation :
    Lacework Academy
  • Documentation produit
Assistance client
  • Assistance
  • Se connecter
  • Nous contacter
Pocket Gems protège les données des clients et facilite la détection des vulnérabilités

Pocket Gems protège les données des clients et facilite la détection des vulnérabilités

Lire l'étude de cas
COMMENCER
PARTENAIRES

Programme de partenariat Lacework

Nous aidons nos partenaires à mettre en place des pratiques efficaces et rentables pour la sécurité du cloud en vue de favoriser son adoption.

EN SAVOIR PLUS
Partenaires de distribution
  • Programme de partenariat Lacework
  • Trouver un partenaire
  • Portail des partenaires – Connexion
Alliances stratégiques
  • Alliances Lacework
Bénéficiez d'un aperçu du paysage actuel des ransomwares et des meilleures pratiques pour minimiser les risques.

Bénéficiez d'un aperçu du paysage actuel des ransomwares et des meilleures pratiques pour minimiser les risques.

EN SAVOIR PLUS
COMMENCER
RESSOURCES

RESSOURCES

Découvrez l'approche moderne de Lacework en matière de sécurité du cloud grâce à nos articles, études de cas, vidéos, e-books, webinaires et livres blancs.

Explorer la bibliothèque de contenu
Ressources et insights
  • Blog
  • Études de cas
  • Rapports du secteur
  • Infographies
  • Présentations des solutions
  • Vidéos
  • E-books
  • Livres blancs
  • Webinaires
Formation et documentation
  • Académie Lacework
  • Documentation
Découvrez les tendances majeures sur les cyber-menaces qui planent sur le cloud.

Découvrez les tendances majeures sur les cyber-menaces qui planent sur le cloud.

Rapport sur les menaces du cloud, Volume 4
COMMENCER

Heightened cyber threats have everyone on edge, what do you need to know?

Mark Nunnikhoven - Distinguished Cloud Strategist

22 mars 2022

Heightened cyber threats have everyone on edge, what do you need to know?The Lapsus$ cybercriminal collective recently entered the hacking scene, and they have come out the gates on a mission. Taking a rather unorthodox approach in their public persona, they’ve claimed a number of notable hacks in the past couple of months. This week, they claim to have breached identity platform provider Okta and Microsoft.

It’s the issue with Okta that has the security community abuzz. And why wouldn’t it? Okta is an extremely popular service helping companies simplify their access to other services. It’s a key part of many companies’ security strategies, and is trusted with a lot of sensitive access for a wide range of companies, and for good reason. Services like this greatly simplify identity and authentication challenges.

Any significant breach at a service like Okta would have a very large blast radius. Given the potential, staying on top of this is a critical issue for the security of your organization.

Getting to the bottom of an incident takes time. During the early stages, speculation can run rampant…especially on social media. While speculation can be a useful tool, your security practice needs to work from data and confirmed facts, not guesses.

We now know the attack against Okta’s service was much more limited than Lapsus$ implied to the public. As this story moves on to examine how Okta responded to the confirmed compromise initially, it’s important companies use this moment to stop, evaluate security posture, and implement best practices to harden defenses against an increasing threat landscape.

Incident response is a dynamic process during which new information often comes to light. Okta has updated their original statement and released a detailed blog post of the incident. The new post provides some clarification and explanation of how Okta operates. In addition, it states that some customer data may have been “viewed or acted upon.” Those customers are receiving detailed, individual reports from Okta now.

 

Larger Context

Security isn’t a binary state. You aren’t “secure” or “insecure.” Consideration needs to be paid to the larger context. Visibility into your internal systems is critical but so is an understanding of the status of your service providers and the larger world around the organization.

This issue comes to light at a time of heightened awareness around cybersecurity, due in large part to recent world events. The threat landscape has changed significantly over the past few months, so much so the White House recently called for organizations to act immediately to strengthen their cybersecurity postures.

This call to action is one of many initiatives in the US to shine a light on current cybersecurity challenges. The administration and the SEC are also working on stricter data breach reporting requirements. Taken together, it’s clear cybersecurity is an important aspect of any business.

What Should You Be Doing?

How can you take steps to protect your organization today? As a security strategy, you should focus on visibility, insights, and action across your business.

That three step process will help keep your security efforts in line with other business initiatives. Cybersecurity is critical but it’s only one aspect of running a business.

Alongside the call for heightened awareness of cybersecurity issues, the White House offered a number of steps that you can take today to address these challenges. Some of these are tried and true advice about the basics. Keep your systems updated, have a strong backup strategy, use modern security tools which continuously monitor environments, enable multi-factor authentication, and more.

One of the steps stood out in particular: “Run exercises and drill your emergency plans so that you are prepared to respond quickly to minimize the impact of any attack.”

Organizations often struggle to respond to cybersecurity incidents because they are making up the workflow as they go. That’s a sure fire recipe for disaster. Walking through your incident response process helps familiarize your organization with it. It can also highlight any potential gaps or areas where you’re lacking visibility.

These exercises don’t have to be full run throughs, however. Tabletop exercises can be just as effective and they are much easier to set up on a regular basis. Regardless of the format of these exercises, the goal is to make sure everyone is on the same page before you’re in crisis mode responding to a cybersecurity incident.

Direct Action

In the light of the current situation with Okta and the White Houses general warning, here are the steps you want to be taking right now within your security practice:

  1. Gain greater visibility. Increase the sensitivity of the alerts you are actively monitoring. What might’ve been safe to ignore previously probably merits your attention in the current climate.
  2. Maximize the effectiveness of your security team. They have the subject matter experience that can provide the insights other teams need to bake security into their everyday activities.
  3. Take action when warranted. If your monitoring and observability activities highlight something that’s suspicious, have a bias towards action. In a different threat environment, you might investigate further before taking any action. That risk calculus has changed for most organizations now. Take reasonable actions to mitigate possible threats and then investigate further.

The Future

Cybercrime and cybersecurity incidents aren’t going anywhere. Organizations need to take steps to protect themselves. The second half of the White House’s statement acknowledges that and addresses the longer term.

The path forward means adding security earlier in our technology lifecycle. Commonly coined as “shift left” this effort is really about expanding security thinking throughout the development process of technology.

The memo sums it up as, “bake it in, don’t bolt it on.”

Tactics like dependence awareness (a/k/a software bill of materials), vulnerability management, and providing builders the right insights at the right time will help improve security over the long term.

Cybersecurity is a continuous practice. It requires visibility into your environment so that your teams can draw specific insights that help drive action that makes sense for your organization.

There will be more breaches. There will be bigger breaches. So, make sure your teams are focusing on the basics and making steady improvements to your organization’s security posture.

For more information: CISA, the Cybersecurity & Infrastructure Security Agency has a number of freely available packages to help you run tabletop exercises. They are a fantastic resource to help get you started.

Exploration

  • PLATEFORME
  • SOLUTIONS
  • Polygraph
  • Détection des menaces
  • Gestion des vulnérabilités
  • Container Security
  • Multi-cloud
  • Cloud Security Posture Management
  • Expérience Polygraph

ENTREPRISE

  • À propos de nous
  • Investisseurs
  • Récompenses
  • Événements
  • Communiqués de presse
  • Médiathèque
  • Lacework Labs
  • Mentions légales
  • Sécurité et confidentialité
  • Confiance

Apprendre

  • Blog
  • RESSOURCES
  • Académie Lacework
  • Documentation

Assistance

  • Assistance
  • Statut
  • Se connecter

Nous contacter

Pour obtenir une démo ou échanger avec notre équipe commerciale :

Nous contacter

© 2023, Lacework, Tous droits réservés.

  • Politique de confidentialité
  • Conditions d'utilisation