Kroll: Lessons Learned from 50+ MOVEit IR Investigations

Kroll: Lessons Learned from 50+ MOVEit IR Investigations


In Q2 2023, Kroll reported a notable shift towards increased supply chain risk, largely driven by the CLOP ransomware gang’s exploitation of the MOVEit transfer vulnerability. The MOVEit exploitation rendered even organizations with mature cybersecurity controls helpless and vulnerable to financial and reputational damage. Only a handful were able to detect the exfiltration, and even fewer could handle the consequences once a trusted partner fell victim.

In this virtual briefing, Kroll experts George Glass and Scott Downie will examine the exploitation in detail and highlight lessons learned from over 50 incident response (IR) investigations handled by Kroll. They will also brief participants on the complexities of third-party investigations, litigation considerations, breach notification challenges and the steps CISOs should take to raise preparedness.

The Briefing Will Cover

  • What led to the MOVEit exploitation
  • Why did the attack amass a bigger impact?
  • Key lessons learned
  • How can organizations improve their cybersecurity posture?