Major cyber attacks such as Solarwinds, and vulnerabilities such as Log4J and Log4Shell, make press headlines more frequently than ever. These headline cyber attacks cause a frenzy within many organizations, causing an organization’s CEO and the board members to ask “How does this affect us?” and “What are we doing about it?” The reality is security teams need to be ready with timely, yet accurate answers. But how can this be accomplished in today’s world of fragmented data and antiquated security solutions?
Responding to these cyber headline events can be hard, for a few reasons. Firstly, these events are highly critical and require security teams to drop what they’re doing and focus on a response. If teams aren’t structured to support this, it can be extremely disruptive to day-to-day activities. In regard to the Log4J and Log4Shell exploits, product security teams that aren’t used to incident response may not have the right processes to react quickly. Lastly, it’s difficult to understand the impact quickly when security teams do not have the right access to data. These data sets can include a complete asset inventory, provable software build materials, and a unified log repository.
So how can product security (ProdSec) teams and security operations (SecOps) teams respond to these headline events quickly and effectively? Find out what you can do by attending the webinar: Preparing for the Next Cyber Headline Event with a Security Data Lake. Omer Singer, Head of Cybersecurity Industry at Snowflake, and Jacob Solassi, Director of Product Security at Snowflake, deliver the insights and recommendations you need to properly respond to and manage headline cyber events.
Omer and Jacob review, in detail, the four phases of headline event response: 1) identification and scoping, 2) impact analysis, 3) remediation and monitoring and 4) communications. They will cover the differences between a ProdSec responder and an incident responder, and how these two teams can work together. They will also share anecdotes related to their experiences with leveraging a security cloud data lake to help accelerate response. Lastly, they will review an example of clear communication a security team should provide its customers.
This webinar will help you understand how to create a headline response process, how to centralize asset inventory and other security-relevant data in a single place for quick analysis, and how to prepare for internal and external communications about the analysis of the headline event. Whether or not a cyber attack impacts your organization, your senior executives will expect you to conduct this analysis and communicate it in a timely manner. Join us to learn how Snowflake can help you remove the panic that comes with responding to major headline cybersecurity events.