Supply chain security and the Bugs Existing in it

Haroon Meer is the founding father of Thinkst, the corporate behind the well regarded. The recent SolarWinds mega-hack has managed to grab mainstream media headlines round the world but the more I read, the more i feel the press coverage has buried the lede.

The incident gets called a “supply chain” attack which hints at war-time tactics and, I’m willing to bet, will launch a dozen VC-backed startups. People are (rightfully) worried about the consequence since the SolarWinds attackers had access to many other development-houses and will have also poisoned those wells.

The state of enterprise security: While we’ve made progress in some areas of data security (e.g. the degree of data and skill required to take advantage of memory corruption bugs in modern operating systems) , enterprise security remains stuck pretty firmly within the early 2000s. An enterprise network consists of an untold number of disparate products, duct-taped together through poorly documented interfaces where often the quality for product integration is “this config works, don’t touch it!”. Any moderately skilled attacker will decimate an indoor corporate network long before they’re discovered, and therefore the average time it takes to realize Domain Admin is measured in hours and days rather than weeks or months. Most organizations, sadly, do not know this. They know the money spend on security is doing it right in the required senses. Most haven’t any clue they’re sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.

Share

Related

How LegalTech can Change the Legal Industry, One Efficiency Platform at a Time

During the course of my nearly 25 years in...

Getting Better Together

Even though we tend to imply that each one...

Envisioning a New Way of Playing the Game

While there are many things that make human beings...

Balance Raises $56 Million in Series B Financing; Plans to Scale up the B2B Payments’ Landscape

Surely, there are many things that make human beings...

Plotting New Dominance

As much as we try to deny it, the...

A Win-Win Deal

After years of continuous innovation, it can finally be...

marcusevans Announces the Healthcare CFO, Financial Strategy & Revenue Cycle Summit 2025

marcusevans is excited to announce the Healthcare CFO, Financial...

Breaching the Telecom Walls

Human beings tend to carry a lot of valuable...

Singapore Traders Fair and Blockchain Fest: A Day of Triumph and Innovation!

Singapore, March 5, 2024 - A day of triumph...

Latest

No posts to display

No posts to display