Latest news with #executiveaccountability
Forbes
02-07-2025
- Business
- Forbes
Hypervisor Ransomware: Why The C-Suite Can't Ignore MITRE ATT&CK V17
Austin Gadient is CTO & cofounder of Vali Cyber. Vali's product ZeroLock protects hypervisors and Linux systems from cyber attacks. A significant shift in cybersecurity guidance has emerged—one that leadership should have on their radar. MITRE ATT&CK v17 now formally includes VMware ESXi security, marking the first time hypervisors have been given dedicated attention in this influential framework. This update reframes hypervisor protection as not just a technical responsibility but a business-critical issue. For organizations relying on virtualized infrastructure, hypervisor ransomware protection is now directly tied to operational resilience, regulatory compliance and executive accountability. Why The Hypervisor Demands Executive Attention ESXi hypervisors form the core of many enterprise infrastructures, orchestrating virtual machines that power critical applications and house sensitive data. Yet hypervisor security has long been underprioritized—assumed to be out of reach for attackers or implicitly covered by other controls. That assumption no longer holds. MITRE ATT&CK v17 confirms what frontline security teams have seen for years: ESXi is under active attack. With the addition of a dedicated matrix for ESXi-specific tactics, the framework maps how adversaries gain access, move laterally and execute payloads directly at the hypervisor layer. For businesses, this marks a shift: hypervisor vulnerabilities now represent a tangible, auditable risk—one that demands immediate attention and clear mitigation. From Framework To Liability: What Executives Need To Know While MITRE ATT&CK isn't a regulatory framework, it has become the de facto blueprint for understanding and defending against modern threats. It guides how security teams prioritize controls, how auditors assess risk and how regulators evaluate preparedness. If your organization can't demonstrate awareness and mitigation of hypervisor security risks, it may be interpreted by auditors or regulators as a lapse in due diligence, particularly following a breach. Key business risks include: • Operational Downtime: A single compromised hypervisor can disable entire workloads. • Audit Gaps: Expect increased scrutiny around virtualization and hypervisor controls. • Response Delays: Many teams lack defined playbooks for hypervisor incident response. • Regulatory Pressure: Unaddressed ESXi vulnerabilities may be classified as preventable. Overlooking the hypervisor layer doesn't just introduce technical risk—it exposes the business to disruption, scrutiny and potential liability at the leadership level. A Strategic Approach To Hypervisor Security Addressing hypervisor ransomware prevention requires a shift in mindset. Just as endpoint and cloud security have evolved, hypervisor security best practices must now be established and operationalized. Executive leadership should work closely with security teams to ensure that the hypervisor layer is no longer treated as an architectural blind spot. Here are foundational steps organizations should take: • Implement access controls such as multi-factor authentication and role-based access to protect administrative interfaces. • Establish lockdown policies to restrict hypervisor-level command execution. • Deploy virtual patching to mitigate risk from unpatched or zero-day ESXi vulnerabilities. • Employ runtime security on the hypervisor to monitor for behavioral anomalies. • Map defenses to MITRE ATT&CK to strengthen security posture and facilitate audits. These measures not only reduce the risk of a successful attack but also demonstrate that your organization takes hypervisor threats seriously—and that leadership recognizes the shared responsibility across security, infrastructure and governance teams. Final Thoughts: What's Next The inclusion of ESXi in MITRE ATT&CK v17 has formally introduced the hypervisor into the risk conversation. For executive leadership, this is the time to challenge outdated assumptions, identify architectural blind spots and develop hypervisor security into the core of your cybersecurity strategy. Overlooking the hypervisor is no longer a technical omission but a strategic vulnerability. As ransomware tactics evolve, the associated risks are no longer theoretical. They are real, measurable and capable of inflicting significant operational and reputational damage. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
News.com.au
20-06-2025
- Politics
- News.com.au
Arrest warrants considered as Minns staffers skip explosives inquiry
The threat of arrest now hangs over five of NSW Premier Chris Minns' top advisers after they refused to front a parliamentary inquiry investigating a suspected terror plot. The five senior ministerial staffers failed to appear before a NSW parliamentary inquiry this morning, prompting the chair of the committee to flag 'further action' in what is fast becoming a major constitutional standoff over executive accountability. The Legislative Council inquiry, chaired by independent MLC Rod Roberts, commenced at 10.45am on Friday but was forced to adjourn for 30 minutes after none of the five summoned witnesses, senior advisers to Premier Chris Minns and Police Minister Yasmin Catley, arrived. The hearing was ultimately abandoned without a vote, after Chair Roberts formally acknowledged the no-show and delivered a lengthy statement criticising the government's ongoing resistance to the inquiry. 'I am disappointed in the government's continued efforts to hinder and frustrate the work of this committee, and ultimately, the role of the Legislative Council to scrutinise the actions of government,' Mr Roberts said. 'The committee will now consider further action in relation to these witnesses under section 7 through 9 of the Parliamentary Evidence Act 1901.' Those summoned included Mr Minns' chief of staff, James Cullen; two senior advisers from the Premier's office, Edward Ovadia and Sarah Michael; and two staffers from Minister Catley's office, Dr Tilly South and Ross Neilson. Their appearance was meant to shed light on who in government knew what, and when, regarding the discovery of an explosives-laden caravan in Sydney's northwest in January. The Premier had previously described the incident as a potential 'mass casualty event'. Although the Australian Federal Police later determined it was part of a criminal conspiracy. The circumstances surrounding the government's response, and whether MPs passed sweeping anti-hate laws in February based on incomplete information, remain under intense scrutiny. A letter sent to the committee chair on Thursday and signed by the five staffers outlined their refusal to appear. They argued that attending would breach 'the principles of ministerial accountability and comity between the Houses of Parliament,' particularly while a separate privileges inquiry by the Legislative Assembly is ongoing. The group also took aim at Mr Roberts' earlier media comments, writing: 'Given your comments on breakfast radio yesterday as to the motivation for issuing the summonses, – which make it clear we are 'proxies' because our respective Ministers cannot be compelled as witnesses to the Select Committee – we also consider that they have not been properly issued,' the letter read. 'In light of the above, we invite you not to press for our attendance at the hearing tomorrow.' Mr Roberts rejected those arguments in his closing statement, asserting the inquiry is properly constituted and that ministerial staff are not exempt from appearing. 'The inquiry seeks to examine the actions of the executive, not members of the Legislative Assembly,' he said. 'The committee is not seeking to sanction ministerial staff for their actions, only to shed lights on the events in the lead-up to the passage of the hate speech and protest laws through parliament. 'The power of committees to summon witnesses and compel them to attend and give evidence is in black and white in the Parliamentary Evidence Act. It is not in doubt.' Local Government Minister Ron Hoenig has previously condemned the inquiry as 'an incursion upon the privilege' of the Legislative Assembly. 'It expressly seeks to scrutinise the discourse of the House, the conduct of its members, be it backbencher or a member of the executive government, while undertaking the primary function entrusted upon them by their constituents which is to legislate,' Mr Hoenig said during Question Time in May. He argued the Legislative Council had overstepped its bounds by summoning ministerial staff and attempting to examine lower house proceedings. Despite the controversy, the Legislative Assembly passed a motion 47 to 27 to refer the inquiry's terms to the Standing Committee on Parliamentary Privilege and Ethics. In response, Mr Roberts amended the inquiry's terms to narrow its focus to the passage of relevant bills through the upper house. Mr Hoenig, however, insisted the changes 'did not go far enough'. Opposition MP Alister Henskens said the amendments were sufficient to avoid breaching privilege and labelled the referral motion 'a transparent attempt to frustrate and delay the upper house inquiry'. Greens MP Jenny Leong said it was 'critical' that the Legislative Council was not prevented from doing its work, warning that any 'unreasonable delay' would raise concerns about the Premier and executive trying to 'subvert' the inquiry. Speaker Greg Piper defended the committee's progression, saying the changes were not intended to obstruct but instead 'an opportunity to actually examine the issue, the rights and privilege, the exclusive cognisance of the Legislative Assembly'. The committee has previously heard from senior police officials, including NSW Police Commissioner Karen Webb and Deputy Commissioner David Hudson. With Friday's hearing abandoned and potential legal action looming, the inquiry is now at a crossroads.
