M+E Connections

When it comes to data breaches, the question is no longer if they will happen but when they will happen, according to Wasabi.

During the April 8 webinar “Avoiding The Headlines: Data Breach Post-Mortem and Future-Proofing Your Defense,” Rob Callaghan, senior product marketing manager at Wasabi, and Michael Johnson, a chief information security officer (CISO) and industry expert, went beyond the shock value of headlines from the past few years about breaches at big-name companies.

In doing so, they pulled back the curtain on real-world attacks, analyzing critical vulnerabilities that attackers often exploit, uncovering valuable lessons learned, and equipping viewers with actionable strategies to future-proof their firms’ defenses.

They provided insights into real-world breach case studies so viewers could: Understand the “how” and “why” behind successful attacks, learning from others’ mistakes to protect their own data.

They also provided actionable steps to avoid similar pitfalls, allowing viewers to gain practical, expert-vetted takeaways to fortify their companies’ security c and mitigate potential risks.

Viewers also learned future-proofed defense strategies that will help them “move beyond reactive protection and discover proactive approaches to stay ahead of evolving threats,” according to Wasabi.

And they explored how Wasabi’s secure cloud object storage empowers firms to build an impenetrable data fortress with features including immutability, air-gapped backups, and multi-user authentication.

The webinar started off with Lily McIntyre, Wasabi digital content specialist, pointing out this was the second installment in Wasabi’s cybersecurity webinar series. She then introduced Callaghan and Johnson.

“It’s a thing that’s in the news,” Callaghan said of cybersecurity fighting breaches. “Typically, when it’s in the news, it means it’s a bad thing.”

Wasabi’s hot cloud storage can help because “we have a high level of protection with a defense [featuring] everything from encryption to multi-factor authentication … to make sure that the people accessing the data” are the people who are supposed to be accessing the data, according to Callaghan. Multiple people also have to “turn the key before any bad action can happen,” he said.

Johnson then provided his take on a recent real-world breach.

Noting that his experience was mainly in healthcare, he pointed out that the biggest breach story in that sector recently was the one that impacted Change Healthcare.

“Change has certainly had a terrible last couple of months where, not only have they been impacted, but because there’s such an extensive supply chain organization, they’ve affected multiple hospitals [and] multiple payers,” Johnson said. “I think that’s what we may have seen with Change is that a level of privileged access led to an attacker being able to deploy encryption across a large number of systems, leading to such an impactful event.”

Callaghan asked Johnson what lessons were learned from a break-in like the one at Change.

“First and foremost,” responded Johnson, “when you talk about what are the root causes of such a large event, you really go back to two events … [and] there’s a series of, we’ll say dominoes, that have to fall. Attackers [have to] get an initial foothold. Once they get an initial foothold, they’ve got to be able to elevate privileges to get admin access. Once they have admin access … they’re going to try to trade those credentials out for more.”

Johnson added that the “holy grail in the Windows environment would be to get domain admin [because] once you get domain admin, you’ve got the privileges to be able to spread malware efficiently.”

The last part of the equation is “how do you recover from that event?” Johnson asked rhetorically. Where I think that organizations can focus on and actually win the battle is that lateral movement, and the key to controlling that is [knowing] how many privileged accounts … you have [and] who’s setting the password for those accounts, and what kind of segmentation do you have between systems? “