When SUNBURST hit the headlines, the infosec world stopped to stare. With a previously unheard-of depth of penetration in the technology supply chain and a pool of victims that includes some of the world’s most prominent organizations, it has since been recognized as one of the most impactful attacks to date. And the most worrying part? There was little to nothing that could have been done to prevent it.
Attacks like SUNBURST are, thankfully, rare but serve as an important lesson for those involved – and those spectating. When traditional countermeasures fail to prevent such a threat, it’s the post-compromise, ‘right of boom’ risk mitigation that must take center stage. As OWASP’s Cyber Defense Matrix summarizes, that responsibility sits on the shoulders of the affected organization’s people: ultimately, it’s their skills and decision-making capabilities that will ensure a robust response and recovery.