Were you impacted by the Okta compromise announced in March 2022? What were your thoughts on it?

CISO in Software, 2 years ago
Luckily I was not impacted. We did the typical password resets for everybody, which is a good exercise to go through anyway. It happened in January, so by the time we heard about it, it was too late. But we change passwords every 60 days anyway. And based on what I heard from all my Slack channels, that was what everybody did. There's nothing else you can do. If companies didn't have MFA turned on, and I don't know why anyone wouldn't, they must have been significantly affected.
2 Replies
Senior Information Security Manager in Software, 2 years ago

It was the same as when RSA SecurID had an incident about eight years ago or so. That was much more significant because you really can't change vendors. You were limited in what you could do. 

Sr. Director of Enterprise Security in Software, 2 years ago

With the RSA incident, the switching cost was especially difficult. I worked at the government at the time and we all had tokens, but you couldn't even get new ones immediately. Suddenly we had millions of tokens out there that were no longer usable because they compromised the seeds, so there was no coming back from that. The Okta one's a little different because everything's software now. 

Founder/Chairman/CTO in Telecommunication, 2 years ago
It's interesting because someone retweeted a post from the Tabletop Scenarios Twitter account (@badthingsdaily), and it was one of their scenarios from around 2017 in which your SSO vendor is compromised. When these doomsday scenarios pop up, it demonstrates the importance of table topping, because they do happen sometimes. It’s a valuable exercise to be able to think critically and in an inverted way from a risk management standpoint as a company. The Okta compromise was proof of that, and a good reminder.
2 Replies
Sr. Director of Enterprise Security in Software, 2 years ago

I was a OneLogin customer in 2017 when they had a full compromise of everything and that was brutal. Our solution was to move all the apps to Okta as quickly as possible, one by one. That was how we solved that, and there were other ways to solve it, but you had to rotate everything. You had to assume your MFA seeds, user account passwords, and any API integrations were potentially compromised. You just had to assume full compromise everywhere.
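The "rotate everything" step described in the reply above, written out as an added example that is not code from the thread, from Okta, or from the commenter: a script against the Okta Users API that expires every active user's password and resets all of their enrolled MFA factors, paginating through the org. The org URL, the SSWS admin API token, and the injectable transport (so the logic can be tested offline with a fake) are assumptions.

```python
import json
import re
import urllib.request
from typing import Callable, Iterator, Tuple

# Transport signature: (method, url) -> (status, headers, body). It is injected so the
# rotation logic can be exercised offline against a fake; the live one is below.
Transport = Callable[[str, str], Tuple[int, dict, bytes]]

def okta_transport(api_token: str) -> Transport:
    """Live transport using an Okta SSWS API token (assumed to have admin rights)."""
    def send(method: str, url: str) -> Tuple[int, dict, bytes]:
        req = urllib.request.Request(url, method=method, headers={
            "Authorization": f"SSWS {api_token}", "Accept": "application/json"})
        with urllib.request.urlopen(req) as resp:
            # Okta sends several Link headers; keep them all for pagination.
            return resp.status, {"Link": ", ".join(resp.headers.get_all("Link", []))}, resp.read()
    return send

def iter_users(org_url: str, send: Transport) -> Iterator[dict]:
    """Walk GET /api/v1/users, following the Link rel="next" header until it is absent."""
    url = f"{org_url}/api/v1/users?limit=200"
    while url:
        status, headers, body = send("GET", url)
        if status != 200:
            raise RuntimeError(f"listing users failed with HTTP {status}")
        yield from json.loads(body)
        nxt = re.search(r'<([^>]+)>;\s*rel="next"', headers.get("Link", ""))
        url = nxt.group(1) if nxt else None

def rotate_all(org_url: str, send: Transport) -> dict:
    """Expire every ACTIVE user's password and reset all enrolled MFA factors.
    Returns the user ids touched so the run can be audited afterwards."""
    result = {"expired": [], "factors_reset": [], "skipped": []}
    for user in iter_users(org_url, send):
        uid = user["id"]
        if user.get("status") != "ACTIVE":
            result["skipped"].append(uid)
            continue
        base = f"{org_url}/api/v1/users/{uid}/lifecycle"
        # Forces a new password at next sign-in; live sessions are handled separately.
        if send("POST", f"{base}/expire_password")[0] == 200:
            result["expired"].append(uid)
        # Unenrolls every factor: seeds that lived at the IdP are treated as burned.
        if send("POST", f"{base}/reset_factors")[0] == 200:
            result["factors_reset"].append(uid)
    return result
```

Clearing each user's active sessions (DELETE /api/v1/users/{id}/sessions) is a separate call not shown here, and API tokens and app integration secrets still have to be rotated by hand.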

CISO in Software, 2 years ago

Tabletop exercises are great, but you also have to consider the smaller companies too. I'm super surprised when I'm talking to potential customers and they say they don't have any MFA. They have a class B subnet and everything's open, even the data center. And some companies like that have government contracts. How can you have government contracts in your network when it looks like that?
