When SUNBURST hit the headlines, the infosec world stopped to stare. With a previously unheard-of depth of penetration in the technology supply chain and a pool of victims that includes some of the world’s most prominent organizations, it has since been recognized as one of the most impactful attacks to date. And the most worrying part? There was little to nothing that could have been done to prevent it.

Attacks like SUNBURST are, thankfully, rare but serve as an important lesson for those involved – and those spectating. When traditional countermeasures fail to prevent such a threat, it’s the post-compromise, ‘right of boom’ risk mitigation that must take center stage. As OWASP’s Cyber Defense Matrix summarizes, that responsibility sits on the shoulders of the affected organization’s people: ultimately, it’s their skills and decision-making capabilities that will ensure a robust response and recovery.

So what can be done to prepare incident response teams for such an attack? How can organizations be sure that their ‘right of boom’ response is as strong as possible?

In our latest paper, we take a deep dive into how organizations can put the psychological theory behind improving human response into practice to build an effective, agile team that knows what to do when the sun bursts.

If you’d like to discover more about SUNBURST, why not listen to the episode of Cyber Humanity dedicated to the attack?


February 16, 2021