Secure your manufacturing when you attend our cybersecurity webinar

This Nov. 8, 2023 12PM ET session will explore in depth the emerging threats introduced within the commercial mid-market, enterprise, and government supply chain through smaller organizations, often vendors, and the prevailing use of Remote Management and Monitoring (RMM) software vectors to successfully infiltrate the supply chain.

https://gie-net.zoom.us/webinar/register/WN_FyM3z-KcTAaV6C6IUnQ67g#/registration
https://gie-net.zoom.us/webinar/register/WN_FyM3z-KcTAaV6C6IUnQ67g#/registration
GIE Media

Get your seat for this free webinar taking place November 8, 2023 at 12PM ET.

The vulnerability of government, enterprise, and small business organizations alike to supply chain attacks is a rapidly evolving threat. One commonly overlooked supply chain attack vector, recently identified within initiatives supporting the National Cybersecurity Strategy, is the use of Remote Monitoring and Management (RMM) software by threat actors to effectively bypass many existing security controls. RMM software historically has been employed principally by Managed Service Providers (MSPs). With approximately 85% of commercial organizations that employ fewer than 500 employees utilizing the services of one or more MSPs, the presence of multiple RMMs within the trusted supply chain of most commercial enterprise and government entities is nearly certain.

This session will explore in depth the origins, identification, and effective risk mitigations for this highly successful emerging threat. Delivered from the perspectives of a technologist and practitioner, two experts who first raised concerns in 2016 about the potential for attacks using RMMs will explore proven methods to cooperatively improve the security of the supply chain from enterprise to SMB against RMM attacks.

Presented by Lawrence Cruciana, founder and president of Corporate Information Technologies, Cruciana, focuses on identifying and mitigating information-centric cybersecurity risks using risk-informed methodologies. With over 20 years of experience in regulated industries, Lawrence brings unique insight into third-party supply chain risk mitigation. Most recently, his emphasis is on those risks introduced by smaller organizations and Managed Service Providers (MSPs) into larger commercial and government organizations. His efforts in this area are reflected in his nomination to the CISA Joint Cybersecurity Defense Collaborative (JCDC) as a Remote Management and Monitoring subject matter expert.

As an active member of the cybersecurity community, he is engaged in ongoing research and community development which mitigates supply-chain vulnerabilities introduced by smaller businesses and managed services providers (MSPs) into enterprise and government-related organizations. His efforts in this area are reflected in his nomination to the CISA Joint Cybersecurity Defense Collaborative (CISA JCDC) as an RMM ecosystem subject matter expert. Lawrence is a sought-after presenter on Information Risk and Information Security topics across a wide variety of industries. He has been a featured presenter at numerous conferences including the RSA Conference, ISSA International Summits, and numerous industry-specific events.