|

Global Cyber Breach: The Need to Manage Vendor Risks, People Risks and More…

Several US federal government agencies have been hit in a global cyberattack by Russian cybercriminals that exploits a vulnerability in widely used software, according to a top US cybersecurity agency. Aside from US government agencies, “several hundred” companies and organizations in the US could be affected by the hacking spree, (according to a CNN report). Since late last month, the hackers have been exploiting a flaw in widely used software known as MOVEit that companies and agencies use to transfer data.

Note the following:82% of breaches involved the human element, meaning a breach came down to successful phishing, a misuse of credentials, the ability of a hacker to steal credentials, or just human error within a system

Additionally, the use of a 3rd party (think vendor risk management) and its products/services can be used to introduce/originate a cyber breach, as in this case with the Moveit software. (and solar winds etc. etc.)

Note the ad below for Moveit: It uses the words, “secure”, and “easily ensure”, in the ad. 

With that being said, effective risk management does not end when you hire an entity to help manage your risk.

Similar Posts