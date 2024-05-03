Commentary from Sean Deuby, Principal Technologist, Semperis on the Panda Express Data Breach

May 2024 by Sean Deuby, Principal Technologist, Semperis

While only Panda Express and their security team know the extent today of the recent data breach, any time that personal data is potentially exposed, corporate and customers is at risk of being exposed. However, due to Panda Express’ activation of their recovery and resiliency response plan when they first learned about the breach, they could return from the incident more quickly than most.

Today, it’s imperative for public and private sector organisations to have an assumed breach mindset. Breaches will occur, sensitive data could be exposed, and companies could experience months of disruptions. These disruptions cast doubt, cut into profits and in some cases can be a matter of life and death, in environments with critical infrastructure at stake. Preparing now for inevitable disruptions will dramatically improve an organization’s operational resiliency and better prepare them to turn away adversaries, leading the threat actors to softer targets downstream.

Today, there’s no silver bullet that will solve the cybersecurity challenges facing most organisations. I recommend companies identify the critical services that are “single points of failure” for the business. If critical services go down, the business stops. Have a plan for “what to do if” – or better yet, when. And keep in mind that Active Directory environments are the most vulnerable entry points and one of the most negatively impactful attacks; hackers frequently target these environments, making it imperative that organisations have real time visibility to changes to elevated network accounts and groups.