EDITOR ’ S QUESTION
WHAT ARE THE PROPER PRECAUTIONS TO TAKE TO AVOID A RANSOMWARE ATTACK ( PART TWO )?
This article is the second in the series . Don ’ t miss the first part which appeared in last month ’ s magazine .
Due to the fact that IT company Kaseya has been hit by a major ransomware attack and because of the continuing relevance of the
Each of these connections can be a pathway for massively good things , but also opens the door to a shared fate scenario , where a security incident at your supplier is likely to also become an incident on your network .
issue we are taking another look at trying to avoid being the victim of a ransomware attack . Following the attack on Kaseya , James Shank , Ransomware Task Force Committee Lead for Worst Case Scenarios and Chief Architect , Community Services for Team Cymru , told us : “ Vendors and supply chains enable business growth and efficiency , but they also create high value targets for attackers .
“ With SolarWinds , CodeCov and now Kaseya being some of the recent software and IT system supply chain attacks that enabled attackers to hit their customers , the writing on the wall is crystal clear : Attackers are looking for ways to compromise supply chain vendors to amplify their reach into victims . This is not the first and it won ’ t be the last . It is time to add another item to the already overwhelmed corporate security teams : audit suppliers and integrations with your supply chain providers . Limit exposure to the absolute minimum while still enabling business operations .
“ During the Ransomware Task Force Worst Case Scenarios thought experiment , this exact scenario was identified as a critical weakness . It isn ’ t clear how best to respond , as the world – and enterprise operations – becomes more and more connected and co-dependent every day . Each of these connections can be a pathway for massively good things , but also opens the door to a shared fate scenario , where a security incident at your supplier is likely to also become an incident on your network .
“ The new security operations paradigm must consider suppliers as part of their extended perimeter to defend . Being able to see exposures and threats beyond the traditional network perimeter needs to become part of best-in-class security practice .”
The new security operations paradigm must consider suppliers as part of their extended perimeter to defend .
32 INTELLIGENTCIO NORTH AMERICA www . intelligentcio . com