The fictitious Rekt Casino fell victim to a ransomware attack which resulted in personally identifiable information, HR records, and financial information being exfiltrated. The root cause of the problem was a lack of governance, risk, and compliance, along with improperly configured technical and administrative controls. It could also be argued that Rekt Casino lacked a strategic plan as well as an inherent security culture. Looking at the history of Rekt Casino, we are going to identify when the transition from the old school approach of information security could have been transitioned to a more mature enterprise risk management approach.
The mistake organizations often make is to focus too much on defenses such as endpoint protection, firewalls, and intrusion prevention without a good understanding of current threats. Its as if Rekt Casino fortified their castle to protect against bows and arrows, yet the adversaries attacked with a trebuchet.
If the executives, technology team, and board of directors had been paying attention to news stories, security guidance, the organizations current approach to protecting company assets, or even attending security related conferences, they would have better understood how critical security has become and how much the threat landscape has grown. Its not enough to acknowledge that security requires more attention, you also have to act on that knowledge.
In this webcast, we will quickly review the overarching history of Rekt Casino, what they had in place for protections, and the outcome. Then we will dive deep into how Rekt Casino could have better managed their vulnerabilities and how this would have helped prevent the breach from occurring. We will dive into topics such as:
Dont wait! Register now for the other webcasts in the series!