Maersk Security Incident

Infosecurity Magazine Home News #GartnerSEC: Maersk CISO Outlines Lessons Learned From NotPetya Attack #GartnerSEC: Maersk CISO Outlines Lessons Learned From NotPetya Attack News 10 Sep 2019 Written by Michael Hill Former Editor , Infosecurity Magazine Email Michael Follow @MichaelInfosec At the Gartner Security & Risk Management Summit 2019 in London, Andy Powell, CISO at Maersk , outlined the key lessons learned from the NotPetya malware attack the company, along with many others, suffered in 2017. Maersk was not alone [in being hit by NotPetya] and anybody that thinks that Maersk was the single biggest example, is wrong. There were a lot of companies bigger than Maersk suffering even worse, but they were not as transparent as Maersk, Powell said. Therefore, the first key lesson learned from NotPetya is that transparency is everything, Powell explained. Our clients at Maersk loved us for the fact that we told them, from day one, what was going on, and we included them throughout in what we were doing. Another lesson learned was that the world has changed, Powell continued. From a company perspective, NotPetya told us that, unless you are a government organization or a very, very highly invested-in bank, you are not going to stop a state-sponsored weapon [such as NotPetya] if it is targeted at you. We were the collateral victim of a state-sponsored attack and look what it did, so if you are trying to build a company to stop 100% of state-sponsored weapons, forget it. If you adopt a strategy around that, you will fail. What organizations must do, is adopt a two-part strategy. First and foremost, you need a balance of proactive and reactive [capabilities]. You need to retain the ability to manage an incident because you will assume that it will occur.In an era when there are going to be a lot of state-sponsored weapons being used in cyber-attacks, you need to implement a reactive and proactive balance. Powell said that organizations also need to learn and...

... (truncated for display)