Different formats of information — lists of stats, such as our recent 2022 Trends in Securing Digital Identities, or best practices, such as our Identity Defined Security Framework—are perfect for certain situations, but according to researchers, stories wield a particularly strong influence over our attitudes and behavior.
Today, we are excited to publish our second episode in the CISO Chronicles, The Gathering Storm series. The CISO Chronicles centers on a fictional engineering firm with 4,000 employees and the Chief Information Security Officer, Tom. We first met Tom in Episode 1, A Crisis of Identity, as his organization has been infected by the SadG0at ransomware. The attack starts – as with so many headline-grabbing incidents – with a compromised identity and follows Tom as he navigates getting his organization back online as quickly as possible.
In Episode 2, A Case of Persistence, the team has recovered, but the illusion of normalcy is quickly shattered. The threat actors are back—actually, they never left. As Tom and the others soon discover, the attackers found a way to maintain their foothold. Now, he and the rest of the good guys must quickly identify and contain the threat. The battle continues, but winning the war will take a new security strategy that recognizes how distributed workforces, credential theft, and other factors have changed the threat landscape.
CISO Chronicles was inspired by the Identity Defined Security Alliance Beyond Best Practices Technical Working Group, led by Paul Lanzi and team members Aubrey Turner, Steven Bahia, Christopher Hills, Morey Haber, Jerry Chapman, Jennifer Kraxner, and Dan Dagnall. The concepts developed by the TWG were turned into a story by Brian Prince, freelance writer, former journalist, and content marketer focused on cybersecurity for more than 15 years.
Download Episode 2 today to follow Tom and his team as they discover and shut down the intruder and map out their next steps to improve the security of their organization through an identity-first approach to security.