Supply chain security and the Bugs Existing in it

Haroon Meer is the founding father of Thinkst, the corporate behind the well regarded. The recent SolarWinds mega-hack has managed to grab mainstream media headlines round the world but the more I read, the more i feel the press coverage has buried the lede.

The incident gets called a “supply chain” attack which hints at war-time tactics and, I’m willing to bet, will launch a dozen VC-backed startups. People are (rightfully) worried about the consequence since the SolarWinds attackers had access to many other development-houses and will have also poisoned those wells.

The state of enterprise security: While we’ve made progress in some areas of data security (e.g. the degree of data and skill required to take advantage of memory corruption bugs in modern operating systems) , enterprise security remains stuck pretty firmly within the early 2000s. An enterprise network consists of an untold number of disparate products, duct-taped together through poorly documented interfaces where often the quality for product integration is “this config works, don’t touch it!”. Any moderately skilled attacker will decimate an indoor corporate network long before they’re discovered, and therefore the average time it takes to realize Domain Admin is measured in hours and days rather than weeks or months. Most organizations, sadly, do not know this. They know the money spend on security is doing it right in the required senses. Most haven’t any clue they’re sitting ducks for average attackers of moderate skill, much less nation state-backed adversaries with unlimited resources.

Share

Related

Wiki Finance Expo Thailand 2026 to Unfold in Bangkok This April — Spotlight on Southeast Asia’s Fintech & Web3 Growth

Bangkok is set to host Wiki Finance Expo Thailand 2026 on...

Transforming Healthcare Systems with Machine Learning

The healthcare field is leveraging the advances of consumer...

Tech-Powered Triumph: How Startups Can Secure Venture Capital and Scale Rapidly

In the ever-shifting landscape of Venture Capital, Startups face...

The Story of Risky Meals

There are a plethora of things that our predecessors...

Empowering the Next Era of Gaming

No matter what definition we decide to go with,...

How AI can improve end of life care in patients with cancer

More than a million and a half Americans are...

The proliferation of technology into law

The early 21st Century has proved to be an...

Validating an Intelligible Take on Transforming Your Procurement Operation

Oracle has officially confirmed the designation of being named...

Enabling GenAI to Connect Your Organization with Next-Generation Possibilities

Automation Anywhere, the leader in AI-powered automation, has officially...

Latest

No posts to display

No posts to display