CSRB Report on Lapsus$ Attacks: Moving Beyond MFA, Building Resilience and Mitigating Third-Party Threats

A recently released Cyber Safety Review Board (CSRB) report (Report) reinforces the need for all organizations to take steps to increase their cyber resilience. The Report offers practical cybersecurity recommendations based on its review of the activities associated with the threat actor group known as Lapsus$. With insights from Paul H. Luehr, a partner at Manatt, this second installment of a two-part article series discusses three areas framing the Report’s suggestions, including strengthening identity and access management, mitigating telecommunication vulnerabilities and building resilience. Part one covered key takeaways from the Report, attack techniques used by the threat actors and law enforcement cooperation. See “Four Steps to Secure Open-Source Software After CSRB’s Log4j Investigation” (Sep. 7, 2022).

To read the full article

Continue reading your article with a CSLR subscription.