Supply chain security and the Bugs Existing in it

Haroon Meer is the founding father of Thinkst, the corporate behind the well regarded. The recent SolarWinds mega-hack has managed to grab mainstream media headlines round the world but the more I read, the more i feel the press coverage has buried the lede.

The incident gets called a “supply chain” attack which hints at war-time tactics and, I’m willing to bet, will launch a dozen VC-backed startups. People are (rightfully) worried about the consequence since the SolarWinds attackers had access to many other development-houses and will have also poisoned those wells.

The state of enterprise security: While we’ve made progress in some areas of data security (e.g. the degree of data and skill required to take advantage of memory corruption bugs in modern operating systems) , enterprise security remains stuck pretty firmly within the early 2000s. An enterprise network consists of an untold number of disparate products, duct-taped together through poorly documented interfaces where often the quality for product integration is “this config works, don’t touch it!”. Any moderately skilled attacker will decimate an indoor corporate network long before they’re discovered, and therefore the average time it takes to realize Domain Admin is measured in hours and days rather than weeks or months. Most organizations, sadly, do not know this. They know the money spend on security is doing it right in the required senses. Most haven’t any clue they’re sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.

Share

Related

Unveiling a Unique Attempt to Transform the Course of Video Streaming and Broadcast Delivery

Harmonic is officially set to showcase its industry-leading video...

The Hot Waters of Social Media

As spectacular as technology’s rise has been so far,...

IoT Tech Expo Global 2025: Shaping the Future of IoT Innovation in London

Olympia, London UK – IoT Tech Expo Global, set...

How insight-driven security builds business resiliency

The acceleration of digitization initiatives was paramount to make...

Aerospace & Defense Manufacturing and R&D Summit 2025 to convene Industry Leaders In Washington, DC

The prestigious Aerospace & Defense Manufacturing and R&D Summit,...

Flying All the Way to a Cleaner Environment

As humans, we hold the concept of continuous growth...

Enabling Small Businesses to Unlock a More Professional Brand of Customer Support

Jobber, the leading provider of home service software, has...

Bringing a Unique Nimbleness and Convenience to Your Wireless Charging Experience

ESR, the No. 1 selling brand of MagSafe accessories...

II CME Cardiologists and Anesthesiologists Conference

2nd CME Caridologists and Anesthesiologists Conference scheduled at Dubai...

Latest

No posts to display

No posts to display