Neutralizing Risk from Customer Engagements presented at SupplyChainCybersecuritySummit 2019

by Keely Richmond,

Summary : A vulnerability assessment of a customer network found normal issues + China & Russia active in network + >15K outbound files in under 24 hours, some of which were steganography + no BCP, DRP, IRP, or Security Policies + Huawei gear + no visibility of network + no vendor management + no redundancy. The customer is in the communications sector of U.S. critical infrastructure, and located in a rural area covering three states with multiple military bases within the service area. How can we help this customer without impacting our own network and without transferring those risks to other customers, partners, and vendors?