Cybersecurity and Third-Party Risk
Third Party Threat Hunting
Gregory C. Rasner
Copyright 2021 by John Wiley & Sons, Inc. All rights reserved. Published by John Wiley & Sons, Inc., Hoboken, New Jersey.
Published simultaneously in Canada.
ISBN: 9781119809555
ISBN: 9781119809906 (ebk)
ISBN: 9781119809562 (ebk)
No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at www.wiley.com/go/permissions.
Limit of Liability/Disclaimer of Warranty: While the publisher and author have used their best efforts in preparing this book, they make no representations or warranties with respect to the accuracy or completeness of the contents of this book and specifically disclaim any implied warranties of merchantability or fitness for a particular purpose. No warranty may be created or extended by sales representatives or written sales materials. The advice and strategies contained herein may not be suitable for your situation. You should consult with a professional where appropriate. Neither the publisher nor author shall be liable for any loss of profit or any other commercial damages, including but not limited to special, incidental, consequential, or other damages.
For general information on our other products and services please contact our Customer Care Department within the United States at (877) 762-2974, outside the United States at (317) 572-3993 or fax (317) 572-4002.
Wiley also publishes its books in a variety of electronic formats. Some content that appears in print may not be available in electronic formats. For more information about Wiley products, visit our web site at www.wiley.com.
Library of Congress Control Number: 2021935895
Trademarks: WILEY and the Wiley logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.
Cover image: AFstudio/Getty Images
Cover design: Wiley
I dedicate this book to two women in my life who made this book possible. First is my mom, who emphasized a love of reading and education that gave me the capacity to write. Second is my wife, who has been my biggest fan, encouraged me to write the book, and put up with the hours of me sitting at my desk writing it. And to my father, who taught me the qualities of a great business leader, father, and husband.
(ISC)2
(ISC)2 books published by Wiley provide aspiring and experienced cybersecurity professionals with unique insights and advice for delivering on (ISC)2's vision of inspiring a safe and secure world.
(ISC)2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP) certification, (ISC)2 offers a portfolio of credentials that are part of a holistic, programmatic approach to security. (ISC)2's membership is made up of certified cyber, information, software and infrastructure security professionals who are making a difference and helping to advance the industry.
About the Author
Gregory C. Rasner has worked as a cybersecurity and IT leader in Finance, Biotech, Technology, and Software fields. He holds a BA from Claremont McKenna College along with certifications: CISSP, CCNA, CIPM, ITIL. Along with the book Cybersecurity and Third-Party Risk published by Wiley, he has written several online articles for major publications, and is a frequent speaker at forums and conferences on related topics. He has five kids and a wife who is also a cybersecurity professional. Rasner was in the USMC and has held leadership roles in several veterans organizations. Greg was instrumental in establishing the cybersecurity program at Johnston Community College, is a board member on the Technology Advisory Board, and teaches part-time at JCC as well. Fun for him is camping and traveling with his family.
About the Technical Editor
Narendra Patlolla is a senior information security leader. He is currently head of cybersecurity architecture at Arthur J Gallagher & Co. With over 20 years of progressive experience in the industry and cybersecurity discipline, Patlolla previously held key leadership roles at multiple Fortune 500 enterprises, where he established identity and security architecture programs and gained extensive experience in implementing multiple vendor and bespoke solutions. He has managed large security programs across multiple industry verticals (insurance, financial services, technology, healthcare, and marketing services).
Narendra holds a B.S. in mechanical engineering, an M.S. in computer information technology, and an M.B.A. in finance and management. He is also a Certified Information Security Manager (CISM), a Certified Information Systems Security Professional (CISSP), and a Certified Open Group Architecture Framework (TOGAF) architect. Narendra is a member of the IDSA Executive Advisory Board.
Acknowledgments
First, I acknowledge God's gifts and blessings to me to be able to write this book. Second, to my Technical Editor, Narendra Patlolla, for such a great job at making the work better. Next are my colleagues and friends who have been so critical to what I learned in leadership, cybersecurity, and operations: John Stewart, Edna Conway, Michelle Guel, Oisin Mac Alasdair, Mark Sullivan, Steve Scott, Ed Goff, Christina Bray, James Claypool, David Quinlan, Ikenna Iloabuchi, Alexander Mulnick, Noah Shindler, Vincent Lau, KC Udoh, Karen Heflin, and many others who have helped me learn and lead. Lastly, the Wiley team, Jim Minatel, Pete Gaughan, and Jan Lynn, who were awesome.
Foreword
After a recent cybersecurity breach shook both U.S. government agencies and corporations and was proclaimed the worst ever, many colleagues asked me if this was my "I told you so" moment. While I could have gloated a bit, I instead reminded them and anyone else who would listen that the next one is right around the corner if third-party risk is not front and center in the security discussion.
As an executive at Cisco and Microsoft, I have built new organizations delivering trust, transparency, cybersecurity, compliance, risk management, sustainability and value-chain transformation. I have been invited to provide testimony to U.S. Presidential Commissions on cybersecurity and currently serve on the executive committee of the Department of Homeland Security's Information and Communications Technology Supply Chain Risk Management Task Force. In addition, I have authored NATO directives and contributed my input to numerous government and industry bodies. In all cases, third-party risk is my primary concern and focus.