What can CSOs learn from the Dyn attacks?

BitSight co-founder Stephen Boyer chats with CSO about key takeaways from the DNS attacks on Dyn, and how to prepare for future attacks

arrows target attack
Credit: Thinkstock


The recent attacks against DNS provider Dyn have provided a wake-up call for many companies that might not have realized the great interdependencies that exist now between companies as many rely on cloud services and cloud service providers. Even if your company doesn’t do business directly with Dyn, chances are you have a third-party provider that does, creating a fourth-party dependency.

In this episode of Security Sessions, I spoke with Stephen Boyer, CTO and co-founder of BitSight, about what enterprises need to learn from these attacks, the components of the particular Dyn attack (and its relationship to the Internet of Things), and how CSOs can prepare for future attacks.

Among the highlights of the video are the following sections:

0:42 What was the biggest surprise that came out of the attacks?

1:20 Are companies relying too much on cloud services or fourth-party providers?

2:28 What factors do CSOs need to consider when looking at their own risk profile?

3:25 What were the components of this particular DNS attack, and what was its relationship to the Internet of Things/

5:05 What can companies do beyond the “wait and see” if their company is a customer of a company facing a DNS attack?

6:47 How can CSOs prepare their systems ahead of any future DNS attacks?

Cybersecurity market research: Top 15 statistics for 2017