Information Security News

Mandiant’s Perspective following the Munich Cyber Security Conference 2023

CyberCrowd are partnered with Mandiant, global leaders in threat intelligence and incident response. This partnership allows us to bring you their insights into global threats and their impacts.

This blog post highlights the key takeaways from the Munich Cyber Security Conference and how Mandiant (now part of Google Cloud) are playing a leading role in addressing the growing issues with cyber policies. If you would like to read the full blog post you can do so here.

The Munich Cyber Security Conference (MCSC) provides a welcome exchange to discuss new challenges facing the cyber security community. 

Blurring of Lines 

Cyber operations stemming from Russia’s invasion were an inevitable focus. Mandiant observed more destructive cyberattacks in Ukraine during the first four months of 2022 than in the previous eight years.

One of the main challenges since the invasion began has been defending against such a wide spectrum of Russian campaigns. 

This is reflected in Google’s and Mandiant’s jointly published Fog of War report, which explores how the Ukraine conflict has transformed the cyber threat landscape. 

Network defenders are now facing multifaceted threats in the face of increased coordination across cyber espionage, destructive operations, information operations, hacktivism, and cybercrime. 

We must address these challenges by doubling down on our own collaboration within the security community.

Responsible Players

Several government speakers called on industry to play an active role in response to today’s challenges throughout the conference. Google and Mandiant remain committed to being responsible players.

Mandiant has deep insight into adversary activity that will be further complemented by Google’s insights. Responsibility means building a collective view of the threat landscape but doing so in a way that protects privacy and sensitive data. With the aim to play an active role in equipping the security community with useful insight into the threats that really matter. 

The Role of Regulation 

Within Europe, the conversations around cyber security and regulation are often discussed in tandem. This year’s MCSC was no exception, given the dynamic regulatory environment within Europe. The Network and Information Security Directive 2.0 (NIS2) is now adopted in the EU, while the Cyber Resilience Act (CRA) has recently been published. 

NIS2 means a comprehensive incident response plan and clear reporting are now more important than ever. Mandiant intends to play an active role in remediating incidents and equipping organisations with a clear understanding of their vulnerabilities and the roadmap to building secure networks.

Meanwhile, the CRA focus on bolstering supply chain security makes it increasingly important to use threat intelligence to focus on the supply chain threats that really matter.

The Russian-backed SolarWinds supply chain compromise has instigated a wide conversation around supply chain security among security leaders in recent years. However, there is a broader context that also requires urgent attention.

Mandiant intelligence reporting shows almost 40% of software supply chain compromise in the same year as the SolarWinds compromise involved developer tools and open-source libraries. Since then, China has been highly active in conducting software supply chain attacks while Mandiant has observed a sharp uptick in financially motivated supply chain compromise incidents. 

All of this highlights the important role of threat intelligence in responding to supply chain threats and the CRA. Supply chain threat intelligence can be utilised by regulators themselves to identify prominent threats and design well-informed policy. Network defenders can also leverage supply chain threat intelligence to build a clear protection plan that focuses on key threats. 

Embracing the Challenges Ahead

MCSC 2023 outlined a variety of challenges across the cyber policy and network defence community. However, we should always remember that the security community possesses the agency and capability to tackle these head on. Scaling security functions through a combination of threat intelligence and automation, allows a focus on the threats that matter most. 

When network defenders are up against well-resourced government backed attackers, the situation can easily feel hopeless. However, threat intelligence can empower security functions. Better visibility into threats leads to faster and deeper actionable insight. This allowed defenders to quickly react to threats and thereby impose greater costs on threat actors. 

Where do CyberCrowd come in?

Working with Mandiant improves our threat intelligence portfolio, complementing our 24x7x365 Managed SOC capabilities. Not only does our partnership enhance our threat detection capabilities but helps to improve our incident response and breach management services, ensuring that our customers get the very best out of the services that we are offering. 

Network defenders are now facing multifaceted threats in the face of increased co-ordination across cyber espionage, destructive operations, information operations, hacktivism, and cyber-crime. 

Policies are an integral ways to ensure that all organisations are carrying out best practice to protect their information technology assets. The Munich Cyber Security Conference provides a great opportunity for organisations and policy makers to sit down and establish a path to success.

We all know the consequences of a cyber-attack, using Mandiant’s threat intelligence allows us to ensure that we are planning ahead and mitigating opportunities before they arise.

If you would like to hear more about our partnership with Mandiant, or how our partnership could help your organisation, please Contact Us.