Artwork for podcast Great Security Debate
Bankplosion!
Episode 4913th March 2023 • Great Security Debate • The Great Security Debate
00:00:00 01:03:34

Share Episode

Shownotes

This week, Brian, Erik, and Dan look into the security impacts of last week’s Silicon Valley Bank closure, both from a direct security risk, but also what we can learn about risk from the events leading up to the incident that we can apply to our information security responsibilities.

Brian kicks it off with a great description of how Silicon Valley Bank got here (based on what we knew on 12 March 2023 - subject to change as more becomes known after). And from that, we go some of the direct and indirect lessons and implications such as:


  • Fraud attempts amongst a bevvy of legitimate bank account payment change requests from companies. Check from a known source before changing where you pay.


  • Putting all your eggs into one (infosec or financial) basket can be risky. And risk can bring great rewards, or great resentment


  • Evaluating vendors for where they bank as part of third party risk management (or not)


  • Clear insight to tough choices that have to be made to keep small business and startups running - sometimes that’s not “doing every thing of security”


  • Business continuity planning requires a more realistic “yeah that could happen” when doing the review


  • Remember that there is no such thing as no risk, just determining the right balance of (realistic) risk and downtime for your organisation


  • If one vendor goes away suddenly, what happens? What about if 6 go away all at once?


  • Diversity of suppliers vs. focusing on basics in the security stack

Along with some strong recommendations (or maybe they are warnings) for our security vendor listeners on how not to use this incident as a sales tool (tl;dr: DON’T!), there are a few correlations to the automotive industry. And check out the book club recommendations in the show notes on our website www.greatsecuritydebate.net, too.


Since we recorded another bank, Signature Bank, has also been closed and placed into receivership. On behalf of all of us at Great Security Debate, we wish all those affected either as companies of these banks or their customers good wishes and hope for good news ahead on the recovery of funds.


Thanks for listening!

Support The Great Security Debate

Links:

Mentioned in this episode:

Michigan BBQ Meet-Up July 18, 2024 on Cass Lake

Join Distilling Security on July 18th in Cass Lake, Michigan for a BBQ, food, colleagues, and fun. Thanks to event sponsors: Material Security, Orca Security, Legit Security, and Cyberhaven! Full details and registration forms are on the Distilling Security website https://distillingsecurity.com.

Michigan BBQ Meet-Up July 18, 2024 on Cass Lake

Join Distilling Security on July 18th in Cass Lake, Michigan for a BBQ, food, colleagues, and fun. Thanks to event sponsors: Material Security, Orca Security, Legit Security, and Cyberhaven! Full details and registration forms are on the Distilling Security website https://distillingsecurity.com.

Links

Chapters

Video

More from YouTube